Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script
May 28 2014 03:01PM
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Remote Command Execution in webEdition CMS Installer Script
RedTeam Pentesting discovered a remote command execution vulnerability
in the installer script of the webEdition CMS during a penetration test.
If the installer script is not manually removed after installation,
attackers cannot ...
[ more ]
Copyright 2010, SecurityFocus