Rafi Nahum - Security Researcher - Exploit Intelligence Platform

CVE-2005-3579 EXPLOITDB text WRITEUP

Walla TeleSite <3.0 - Path Traversal

ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to access arbitrary local files via the querystring.

View Code

CVE-2005-3577 EXPLOITDB text WRITEUP

Walla Telesite < 3.0 - XSS

Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter.

View Code

CVE-2005-3578 EXPLOITDB text WORKING POC

Walla Telesite < 3.0 - SQL Injection

SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary SQL commands via the sug parameter.

View Code

CVE-2005-3576 EXPLOITDB text WRITEUP

Walla TeleSite <3.0 - Info Disclosure

ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to access privileged information by entering the article number in tsurl parameter.

View Code