CS Whois Lookup - 'ip' Remote Command Execution
| EKU-ID: 37833 | CVE: | OSVDB-ID: |
| Author: SirGod | Published: 2009-04-23 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 37833 | CVE: | OSVDB-ID: |
| Author: SirGod | Published: 2009-04-23 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/34700/info CS Whois Lookup is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected software and possibly the computer. http://www.example.com/path/index.php?ip=||whoami