- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19121
- Проверка EDB
-
- Пройдено
- Автор
- ALBERT NUBDY
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-1999-1436
- Дата публикации
- 1998-07-08
Код:
source: https://www.securityfocus.com/bid/152/info
A vulnerability exists in the WWW Authorization Gateway program written by Ray Chan. Version 1.0 fails to eliminate characters with special meaning to the shell prior to executing a command. As a result, an attacker can utilize certain characters to execute arbitrary commands on a system remotely, as whatever user invoked the cgi-bin.
Place the following as a username:
| some command
and any password. The command will be executed.- Источник
- www.exploit-db.com
