WWWBoard覆盖任意消息漏洞

BugCVE: CVE-1999-0930 BUGTRAQ: 1795 wwwboard.pl是Matt Wright写的一个perl脚本，用来处理web留言板。wwwboard.pl脚本存在一个问题，在用户使用form method=POST提交时没有检查其提交内容。input type=hidden name= followup value=栏的 followup 是相关的前一个消息，如果恶意用户修改了 followup 的值将导致以前存在的留言被覆盖。 2.0 Alpha 2 Matt Wright -----------...

Network Security Series knowledge of CGI exploits collection on-vulnerability warning-the black bar safety net

Following the collection and collation of some of the famous CGI vulnerability and provided some security recommendations and solutions, if the server of the presence of these vulnerabilities not patched, then, each vulnerability is likely will fill the intruder utilization, increase Server been...