CGI-Club imTRBBS 1.0 – Remote Command Execution

CGI-Club imTRBBS 1.0 – Remote Command Execution

漏洞ID 1055212 漏洞类型
发布时间 2005-06-29 更新时间 2005-06-29
图片[1]-CGI-Club imTRBBS 1.0 – Remote Command Execution-安全小百科CVE编号 N/A
图片[2]-CGI-Club imTRBBS 1.0 – Remote Command Execution-安全小百科CNNVD-ID N/A
漏洞平台 CGI CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25918
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/14091/info

imTRBBS is affected by a remote command execution vulnerability.

Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'im_trbbs.cgi' script that will be executed in the context of the Web server running the application.

This issue is reported to affect imTRBBS version 1.02; other versions may also be vulnerable. 

http://www.example.com/cgi-bin/im_trbbs.cgi?uid=parameter&df=bbs.dat|ls|

相关推荐: FTP服务器cwd命令路径暴露漏洞

FTP服务器cwd命令路径暴露漏洞 漏洞ID 1207589 漏洞类型 未知 发布时间 1997-01-01 更新时间 1997-01-01 CVE编号 CVE-1999-0201 CNNVD-ID CNNVD-199701-033 漏洞平台 N/A CVSS…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享