Download
| Alert*
DSA-1508 diatheke -- insufficient input sanitising
Dan Dennison discovered that Diatheke, a CGI program to make a bible website, performs insufficient sanitising of a parameter, allowing a remote attacker to execute arbitrary shell commands as the web server user.
|