9 lines
No EOL
557 B
Text
9 lines
No EOL
557 B
Text
source: http://www.securityfocus.com/bid/7043/info
|
|
|
|
A remote command execution vulnerability has been discovered in the Wordit Logbook application. This issue occurs due to insufficient sanitization of externally supplied data to the 'logbook.pl' script.
|
|
|
|
A remote attacker may exploit this condition to gain local, interactive access to the underlying host.
|
|
|
|
This vulnerability was reported to affect Wordit Logbook version 098b3 previous versions may also be affected.
|
|
|
|
www.example.com/logbook.pl?file=../../../../../../../bin/cat%20logbook.pl%00| |