CGI abuses : RunCMS <= 1.2 Arbitrary Variable Overwrite

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.56876

Category: CGI abuses

Title: RunCMS <= 1.2 Arbitrary Variable Overwrite

Summary: NOSUMMARY

Description: Description:

The remote version of RunCMS, according to its version
number, is vulnerable to an arbitrary variable overwrite
that allows an attacker to supply unsanitized data via
POST requests.

Versions up to 1.2 are known to be vulnerable.

Solution : Upgrade to a later version.

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 14634
Common Vulnerability Exposure (CVE) ID: CVE-2005-2691
http://www.gulftech.org/?node=research&article_id=00094-08192005
http://secunia.com/advisories/16514

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.56876
Category:	CGI abuses
Title:	RunCMS <= 1.2 Arbitrary Variable Overwrite
Summary:	NOSUMMARY
Description:	Description: The remote version of RunCMS, according to its version number, is vulnerable to an arbitrary variable overwrite that allows an attacker to supply unsanitized data via POST requests. Versions up to 1.2 are known to be vulnerable. Solution : Upgrade to a later version. Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 14634 Common Vulnerability Exposure (CVE) ID: CVE-2005-2691 http://www.gulftech.org/?node=research&article_id=00094-08192005 http://secunia.com/advisories/16514
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com