2 matches found
MAILNEWS mailnews.cgi Arbitrary Command Execution
mailnews.cgi is being hosted on the remote web server. Input to the 'address' parameter is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands with the privileges of the web server. Please note Nessus only checked for the presence of this CGI, and did not...
Дырка в mailnews.cgi
Недостаточная проверка ввода опльзователя дает возможность выполнения приложений на сервере...