TalkBack Security Bypass and Remote Command Execution Vulnerability

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/talkback/comments.php?edit=1&edit_id=2&

http://www.example.com/talkback/addons/import.php?result=[Command]


 

Privacy Statement
Copyright 2010, SecurityFocus