Alkalay.Net Multiple Scripts Arbitrary Remote Command Execution Vulnerabilities

ID SSV:79931
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


Multiple scripts are prone to arbitrary remote command execution vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input.

An attacker can prefix arbitrary commands with the pipe '|' character and have them executed in the context of the Web server process.;touch%20/tmp/test