nph-maillist Arbitrary Code Execution Vulnerability

nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the subscription form, and then force a mailing which will execute the commands.


 

Privacy Statement
Copyright 2010, SecurityFocus