Russcom Network: Security Vulnerabilities
ping.php in Russcom.Ping allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter.
CVSS Score
7.5
EPSS Score
0.011
Published
2006-05-26
Russcom PHPImages allows remote attackers to upload files of arbitrary types by uploading a file with a .gif extension. NOTE: due to lack of specific information about attack vectors do not depend on the existence of another vulnerability, it is not clear whether this is a vulnerability.
CVSS Score
5.0
EPSS Score
0.004
Published
2006-05-25
CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-05-03
Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp (Russcom.Loginphp) allows remote attackers to inject arbitrary web script or HTML via the username field when registering.
CVSS Score
4.3
EPSS Score
0.004
Published
2006-05-03