Bajie 0.78 - Arbitrary Shell Command Execution
| EKU-ID: 26187 | CVE: CVE-2001-0307;OSVDB-762 | OSVDB-ID: |
| Author: joetesta | Published: 2001-02-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26187 | CVE: CVE-2001-0307;OSVDB-762 | OSVDB-ID: |
| Author: joetesta | Published: 2001-02-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/2389/info Requesting a specailly crafted URL containg arbitrary code, can be exected on a Unix system running Bajie Webserver. Any arbitrary commands appended to a malicious URL after the ';' will be executed as an independent job. http://target/bin/test.txt;%20[shell command]