HP Data Protector EXEC_INTEGUTIL Remote Code Execution Exploit

This exploit abuses a vulnerability in the HP Data Protector. The vulnerability exists in the Backup client service, which listens by default on TCP/5555. The EXECINTEGUTIL request allows to execute arbitrary commands from a restricted directory. Since it includes a perl executable, it's possible...

Qualiteam X-Cart 3.x general.php perl_binary Parameter Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values...

Qualiteam X-Cart远程命令执行漏洞

BUGTRAQ: 9560 X-Cart没有充分过滤URI的参数值，远程攻击者可以利用这个漏洞以WEB进程权限执行任意命令。 问题存在与'admin/general.php'脚本上，由于对perlbinary参数值缺少充分过滤，提交任意SHELL命令，可导致以WEB进程权限在系统上执行任意命令。 Qualiteam X-Cart 3.4.11 Qualiteam X-Cart 3.4.3 Qualiteam X-Cart 3.4 .0 Qualiteam X-Cart 3.3.2 Qualiteam X-Cart 3.3 .0 Qualiteam X-Cart 3.2.1 Qualite...

QualiteamXCart远程命令执行漏洞

X-Cart是一款基于PHP的电子商务程序。X-Cart没有充分过滤URI的参数值，远程攻击者可以利用这个漏洞以WEB进程权限执行任意命令。问题存在与'admin/general.php'脚本上，由于对perlbinary参数值缺少充分过滤，提交任意SHELL命令，可导致以WEB进程权限在系统上执行任意命令。 Qualiteam X-Cart3.4.3 厂商补丁：Qualiteam --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：http://www.x-cart.com/...

CVE-2004-0241

CVE-2004-0241 affects X-Cart 3.4.3 (Qualiteam X-Cart). The vulnerability allows remote attackers to execute arbitrary commands by supplying output in the perl_binary parameter in either upgrade.php or general.php. The underlying cause is improper handling of the perl_binary argument, leading to a...