Vulnerabilities (CVE)

Filtered by vendor Coder-world Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-1831 1 Coder-world 1 Sysinfo 2024-02-28 7.5 HIGH N/A
Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions before 2.25 allows remote attackers to execute arbitrary commands via a leading ; (semicolon) in the name parameter in a systemdoc action, which is injected into phpinfo.php.
CVE-2006-1832 1 Coder-world 1 Sysinfo 2024-02-28 5.0 MEDIUM N/A
sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action.