|
Marcus Xenakis directory.php Shell Command Execution Vulnerability
The directory.php script provides a web interface for directory listings, similar to the 'ls' command. An issue exists in this script which could allow a user to execute arbitrary shell commands. This is achieved by including metacharacters such as ; or | in the script's input. Shell commands will execute with the permissions of the script process, often a non-privileged user 'nobody'. |
|
 Privacy Statement |
