innoEDIT – ‘innoedit.cgi’ Remote Command Execution

  • 作者: Felipe Andrian Peixoto
    日期: 2014-03-21
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/39127/
  • source: https://www.securityfocus.com/bid/66367/info

innoEDIT is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data.

An attacker may leverage this issue to execute arbitrary commands in the context of the affected application.

innoEDIT 6.2 is vulnerable; other versions may also be affected. 

http://www.example.com/innoedit/innoedit.cgi?download=;id|