Yarssr 0.2.2 - GUI.PM Remote Code Injection

EDB-ID:

30728




Platform:

Linux

Date:

2007-10-31


source: www.securityfocus.com/bid/26273/info   

Yarssr is prone to a remote code-injection vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to inject and execute arbitrary malicious Perl code with the privileges of the user running the application. Successful exploits can compromise the application and possibly the underlying computer; other attacks are also possible.

Yarssr 0.2.2 is vulnerable; other versions may also be affected. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30728.rss