

linkscript - leave-link.cgi

download from: http://www.newbreedsoftware.com/


problem description:

the unchecked parameters "file" and "url" allow an attacker
to create and write "any" file on the system with the web server's permissions
(which makes it pretty dangerous).

example:

http://www.dumbasssite.com/cgi-bin/leave-link.cgi?file=yes.php3&url=xxxx

creates file: "./yes.php3" with content:"<timestamp>:" xxxxx
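
one way to close this hole, as an added example (not linkscript's own code; DATA_DIR, ALLOWED_FILES and all function names are assumptions): "file" may only select a link file the site owner already created, and "url" must be an absolute http(s) url without control or markup characters.

```python
import os
import re
import time
from urllib.parse import urlsplit

# Assumptions for this sketch (none of these names come from linkscript):
DATA_DIR = "/var/lib/linkscript"            # hypothetical directory outside the web root
ALLOWED_FILES = {"links.dat", "music.dat"}  # hypothetical link files created by the site owner
MAX_URL_LEN = 2048


class RejectedRequest(ValueError):
    """Raised when a request parameter fails validation."""


def resolve_link_file(file_param, data_dir=DATA_DIR):
    """Map the 'file' parameter to a path inside data_dir, or raise RejectedRequest."""
    # Allowlist: the client selects an existing link file, it never names a new one.
    if file_param not in ALLOWED_FILES:
        raise RejectedRequest("file not in allowlist")
    base = os.path.realpath(data_dir)
    path = os.path.realpath(os.path.join(base, file_param))
    # Defence in depth: a symlink planted under data_dir must not lead outside it.
    if os.path.commonpath([base, path]) != base:
        raise RejectedRequest("path escapes data directory")
    return path


def clean_url(url_param):
    """Accept only absolute http(s) URLs without control, space or markup characters."""
    if len(url_param) > MAX_URL_LEN or re.search(r"[\x00-\x20\x7f<>\"']", url_param):
        raise RejectedRequest("url contains forbidden characters")
    try:
        parts = urlsplit(url_param)
    except ValueError:
        raise RejectedRequest("url is malformed")
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise RejectedRequest("url must be absolute http(s)")
    return url_param


def build_entry(file_param, url_param, now=None, data_dir=DATA_DIR):
    """Return (path, line) for a validated request; the caller appends line to path."""
    path = resolve_link_file(file_param, data_dir)
    url = clean_url(url_param)
    stamp = int(time.time() if now is None else now)
    return path, f"{stamp}: {url}\n"
```

with these checks the request shown above is refused twice: "yes.php3" is not an allowed link file and "xxxx" is not an absolute url.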





RC-EOF

