December 14, 2000

simplestguest.cgi remote command execution vulnerability

Author: JT Smith

From SecurityFocus: "An insecurely call to the open() function leads to a failure to properly filter shell metacharacters from user supplied input. As a result, it is possible for an attacker to cause this script to execute arbitrary shell commands with the privilege of the webserver."


  • Linux
Click Here!