2 matches found
WebWho+ whois.cgi Remote Command Execution
Binary data 1589.prm...
WebWho+ whois.pl time Parameter Arbitrary Command Execution
The WebWho+ CGI script appears to be installed on the remote host. This Perl script allows an attacker to view any file on the remote host as well as to execute arbitrary commands, both subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...