mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
835 B
835 B
CVE-2006-2548
Description
Prodder before 0.5, and perlpodder before 0.5, allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.
POC
Reference
- http://securityreason.com/securityalert/942
- http://www.redteam-pentesting.de/advisories/rt-sa-2006-002.php
- http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php
Github
No PoCs found on GitHub currently.