innoEDIT 'innoedit.cgi'远程命令执行漏洞

Bugtraq ID:66367 innoEDIT是一款基于WEB的应用。 innoEDIT 'innoedit.cgi'不正确处理提交给'download'参数的数据，允许远程攻击者利用漏洞提交特殊shell元字符，可以WEB权限执行任意命令。 0 innoEDIT 6.2 目前没有详细解决方案提供： http://www.inno.com.mx/innoedit.htm http://www.mtyjet.com/innoedit/innoedit.cgi?download=;id|...

innoEDIT 6.2 RCE Vulnerability - Active Check

innoEDIT is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

innoEDIT 6.2 Remote Command Execution

Remote Comand Execution on innoEDIT + Date: 21/03/2014 + Risk: High + Author: Felipe Andrian Peixoto + Vendor Homepage : http://www.inno.com.mx/innoedit.htm + Contact: [email protected] + Tested on Windows 7 and Linux + Vulnerable File: innoedit.cgi + Version : Version 6.2 + Exploit:...

innoEDIT - innoedit.cgi Remote Command Execution

innoEDIT - innoedit.cgi Remote Command Execution source: https://www.securityfocus.com/bid/66367/info innoEDIT is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute...

innoEDIT - 'innoedit.cgi' Remote Command Execution

source: https://www.securityfocus.com/bid/66367/info innoEDIT is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary commands in the context of the affected...