Viewing 2 posts - 1 through 2 (of 2 total)
    • Author
      Posts
    • RedofM3
      Guest

      My host states the WPS is injectable at the D parameter and the remote CGI is able to run scripts because there is not proper sanitizing using the HTTP method.

      Quote:

      The remote web server hosts cgi scripts that fail to adequately sanitize request strings. By

      leveraging this issue, an attacker may be able to include a remote file from a remote server and

      execute arbitrary commands on the target host.

      High / CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

      Restrict access to the vulnerable application. Contact the vendor

      for a patch or upgrade.


      output



      […] includes%3A+safety%2C+saving+money%2C+eco-friendly%2C+speed%2C+and+more+convenience…Will+you+choose+to+MAD%3F+It+is+time+to+Make+A+Difference.%0D%0A%0D%0A%0D%0AStatistics%0D%0ADo+you+want+to+become+a+statistic%3F+Read+and+decide+if+you+are+already+a+stat%20-%20http://mommasmoneymatters.com/mad-bill-pay/?D=http://w2DCfiZo.example.com/” title=”Email this” target=”_blank” rel=”nofollow”class=”wp-socializer-single”>Email