CVE-2005-3576

Walla TeleSite <3.0 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3576. PoCs published by Rafi Nahum.

AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in Walla TeleSite, including SQL injection, XSS, and path disclosure. It references CVE-2005-3576 and provides a sample URL for exploitation but lacks actual exploit code.

Description

ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to access privileged information by entering the article number in tsurl parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Rafi Nahum · textwebappscgi

https://www.exploit-db.com/exploits/26506

View Code ZIP pw:eip

The provided text describes multiple input validation vulnerabilities in Walla TeleSite, including SQL injection, XSS, and path disclosure. It references CVE-2005-3576 and provides a sample URL for exploitation but lacks actual exploit code.

Classification

Writeup 90%

Attack Type

Sqli | Xss | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Walla TeleSite version 3.0 and earlier

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/416581/30/0/threaded

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15419

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17547

Scores

EPSS 0.0291

EPSS Percentile 85.2%

Details

Status published

Products (1)

walla_telesite/walla_telesite < 3.0

Published Nov 16, 2005

Tracked Since Feb 18, 2026