Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Marcus Xenakis directory.php Shell Command Execution Vulnerability

Marcus Xenakis directory.php Shell Command Execution Vulnerability

by Nikola Strahija on March 15th, 2002 The directory.php script provides a web interface for directory listings, similar to the 'ls' command. An issue exists in this script which could allow a user to execute arbitrary shell commands. This is achieved by including metacharacters such as ; or | in the script's input. Shell commands will execute with the permissions of the script process, often a non-privileged user 'nobody'.


Remote: Yes

Exploit: No exploit code.

Vulenerable: Marcus S. Xenakis directory.php 0.0


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »