plainblack.com
Username Password
search
Community Support
WebGUI User Guides
Wiki
Forums
Report A Bug
Request Features
WebGUI TV
Add-ons and Plug-ins
Service Providers
webGUI in the news
Karma
API Docs
the people behind wg
webgui worldwide
Mascot
wallpapers
powered by icons
Sightings
WebGUI 8
Bookmark and Share
View All Tickets
Arbitrary perl code can be executed by any user with upload permission  (#8980)
Issue

Any user with permission to upload files to the server can upload a perl module, then cause the server to execute it using a properly formatted URL.

Solution Summary
Fixed.
Comments
Graham
0
10/27/2008 6:40 pm 		Fixed in 7.5.30.
Graham
0
10/27/2008 6:42 pm 		Fixed for 7.6.2. Attached patch for WebGUI 7.4 and other versions.
Details
Ticket Status Resolved  
Rating0.0 
Submitted ByGraham 
Date Submitted2008-10-27 
Assigned To unassigned  
Date Assigned2023-03-22 
Assigned By 
Severity Fatal (can't continue until this is resolved)  
What's the bug in? WebGUI Stable  
WebGUI / WRE Version  
URLbugs/tracker/8980
Keywords
Related Files
Ticket History
10/27/2008
11:43 PM 		Ticket edited Graham
10/27/2008
11:42 PM 		Resolved Graham
10/27/2008
10:11 PM 		Ticket created Graham
© 2023 Plain Black Corporation | All Rights Reserved