Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SuSE Linux Sdbsearch.cgi执行任意命令漏洞
Vulnerability Description
SuSE Linux 6.0-7.2版本中的Sdbsearch.cgi存在漏洞,远程攻击者通过上传包含带有shell元字符文件名的keylist.txt文件执行任意命令,然后使用HTTP提交者(来自HTTP_REFERER变量)中的..搜索该文件从而指向包含keylist.txt文件的目录。
CVSS Information
N/A
Vulnerability Type
N/A