- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 25034
- Проверка EDB
-
- Пройдено
- Автор
- MANIGANDAN RADHAKRISHNAN
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2004-12-15
Код:
source: https://www.securityfocus.com/bid/12034/info
greed (Get and Resume Elite Edition) is prone to unauthorized command execution. This issue is exposed when the application processes a GRX file list that specifies shell metacharacters and commands in file names on the list. GRX file lists allow file downloads to be scripted. Since GRX file lists may originate from an external or untrusted source, this vulnerability is considered to be remote in nature.
Successful exploitation will result in command execution in the context of the application.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25034.zip- Источник
- www.exploit-db.com
