-
January 31st, 2002, 11:27 PM
#1
New CGI bug
The search.cgi script included with the AHG Search Engine does not adequately filter input. Due to lack of sufficient input sanitization, it is possible for a remote user to pass semi-colon ( and pipe (|) characters through a search request. This can result in the commands encapsulated between the symbols being executed with the privileges of the web server.
Read more at www.xatrix.org
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|