9 lines
No EOL
535 B
Text
9 lines
No EOL
535 B
Text
source: https://www.securityfocus.com/bid/14834/info
|
|
|
|
A remote command execution vulnerability affects the application.
|
|
|
|
The revision control function of the TWikiUsers script uses the backtick shell metacharacter to construct a command line. An attacker may use a specially crafted URI to execute arbitrary commands through the shell.
|
|
|
|
This attack would occur in the context of the vulnerable application and can facilitate unauthorized remote access.
|
|
|
|
http://www.example.com/cgi-bin/view/Main/TWikiUsers?rev=2%20%7Cless%20/etc/passwd |