https://www.exploit-db.com/exploits/22337

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/7043/info

A remote command execution vulnerability has been discovered in the Wordit Logbook application. This issue occurs due to insufficient sanitization of externally supplied data to the 'logbook.pl' script.

A remote attacker may exploit this condition to gain local, interactive access to the underlying host.

This vulnerability was reported to affect Wordit Logbook version 098b3 previous versions may also be affected.

www.example.com/logbook.pl?file=../../../../../../../bin/cat%20logbook.pl%00|