WebGlimpse 2.14.1/2.18.8 – ‘webglimpse.cgi’ Remote Command Injection

• Exploit Database
• 15 阅读

• 作者： Kevin Perry
  日期： 2012-03-20
• 类别：

  • webapps
  平台：

  • cgi
• 来源：https://www.exploit-db.com/exploits/36974/

• source: https://www.securityfocus.com/bid/52627/info
  
  WebGlimpse is prone to a remote command-injection vulnerability.
  
  Attackers can exploit this issue to execute arbitrary commands in the context of the application.
  
  WebGlimpse versions prior to 20.20.0 are affected. 
  
  query=%27%26command+and+arguments+go+here%26%27