API tools faq
paste
Advertisement
Scorz-Root

CGI-Club imTRBBS 1.0 - Remote Command Execution

Scorz-Root
Dec 15th, 2017
985
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.49 KB | None | 0 0
raw download clone embed print report
  1. source: http://www.securityfocus.com/bid/14091/info
  2.  
  3. imTRBBS is affected by a remote command execution vulnerability.
  4.  
  5. Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'im_trbbs.cgi' script that will be executed in the context of the Web server running the application.
  6.  
  7. This issue is reported to affect imTRBBS version 1.02; other versions may also be vulnerable.
  8.  
  9. http://www.example.com/cgi-bin/im_trbbs.cgi?uid=parameter&df=bbs.dat|ls|
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!