eXtropia bbs_forum.cgi 1.0 - Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly validate user-supplied...

Why Full Disclosure Still Matters

When the venerable Full Disclosure security mailing list shut down abruptly last month, many in the security community were surprised. But a lot of people, even those who had been members of the list for a long time, greeted the news with a shrug. Twitter, blogs and other outlets had obviated the...

eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution

eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...

DCForum 1-6 - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/1951/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. The script improperly validates user-supplied input, which allows the remote viewing of arbitrary files on the host which are...