7 matches found
The Matt Wright guestbook.pl <= 2.3.1 - Server Side Include Vulnerability
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
CVE-1999-1053
creationtimestamp| type| source ---|---|--- 2010-07-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16914 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/guestbookssiexec.rb 2025-02-06 03:13:37+00:00| seen|...
Matt Wright guestbook.pl Arbitrary Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...
Matt Wright guestbook.pl Arbitrary Command Execution
The Matt Wright guestbook.pl 'Matt Wright guestbook.pl Arbitrary Command Execution', 'Description' = %q The Matt Wright guestbook.pl 'aushack' , 'License' = MSFLICENSE, 'References' = 'CVE...
CVE-1999-1053
CVE-1999-1053 relates to the guestbook.pl CGI which sanitizes Server-Side Includes by stripping text between . The provided data confirms a vulnerability where this sanitization is incomplete, allowing remote attackers to execute arbitrary commands when guestbook.pl runs on Apache 1.3.9 and poten...
CVE-1999-1053
guestbook.pl cleanses user-inserted SSI commands by removing text between "" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "--"...
CVE-1999-1053
guestbook.pl cleanses user-inserted SSI commands by removing text between "" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "--"...