PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl +------------------------------------------------------------------------------------------- + PHP Easy Download = 1.5 Remote Code Execution Vulnerability +-------------------------------------------------------------------------------------------...

PHP Easy Download file_info/admin/save.php文件远程代码执行漏洞

PHP Easy Download是一款方便易用的下载脚本。 PHP Easy Download在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞以Web进程权限在服务器上执行任意命令。 PHP Easy Download的fileinfo/admin/save.php脚本没有正确验证description、moreinfo、accesses、date和filename参数的输入，允许攻击者通过filename加上字符串“.0”写入Web可访问的文件，导致执行任意PHP代码。漏洞代码如下： fileinfo/admin/save.php， 14-36行： - 14:...

PHP Easy Downloader 1.5 - save.php Remote Code Execution

PHP Easy Downloader 1.5 - save.php Remote Code Execution !/usr/bin/perl +------------------------------------------------------------------------------------------- + PHP Easy Download +------------------------------------------------------------------------------------------- + Details: + PHP Ea...

PHP Easy Downloader 1.5 - &#039;save.php&#039; Remote Code Execution

!/usr/bin/perl +------------------------------------------------------------------------------------------- + PHP Easy Download +------------------------------------------------------------------------------------------- + Details: + PHP Easy Download by default installation doesn't prevent any o...