Miyabi CGI Tools 1.02 – ‘index.pl’ Remote Command Execution

• Exploit Database
• 9 阅读

• 作者： Marshall Whittaker
  日期： 2010-06-29
• 类别：

  • webapps
  平台：

  • cgi
• 来源：https://www.exploit-db.com/exploits/34223/

• source: https://www.securityfocus.com/bid/41228/info
  
  Miyabi CGI Tools is prone to a vulnerability that attackers can leverage to execute arbitrary commands in the context of the application. This issue occurs because the application fails to adequately sanitize user-supplied input.
  
  Successful attacks can compromise the affected application and possibly the underlying computer.
  
  Miyabi CGI Tools 1.02 is vulnerable; other versions may also be affected.
  
  http://www.example.com/index.pl?mode=html&fn=|uname%20-a|