ePerl Handling of ISINDEX Query...

- AV AC AU C I A
发布: 1998-07-06
修订: 2018-10-17

A bug exists in ePerl's handling of the ISINDEX queries. When ISINDEX is used, the query is passed on the command line by the web server. This would allow an attacker to execute arbitrary code via the ePerl interpreter, with none of the restrictions enforced normally. In addition, this allows for the execution of any code on the file system.

0%
当前有1条漏洞利用/PoC
产品及版本信息(CPE)暂不可用