VULHUB ™

My Classifieds is a program which is based on the classifieds section of a newspaper, and allows users to modify ads remotely. My Classifieds is maintained by Mike Spice. It may be possible in possible to overwrite system files that are webserver writeable with custom data. This is due to an input validation vulnerability in 'classifieds.cgi' when the 'category' CGI variable is passed to the perl open() function. Attackers can use directory traversal '../' character sequences and NULL bytes to specify any file and path on the filesystem.

My Classifieds is a program which is based on the classifieds section of a newspaper, and allows users to modify ads remotely. My Classifieds is maintained by Mike Spice. It may be possible in possible to overwrite system files that are webserver writeable with custom data. This is due to an input validation vulnerability in 'classifieds.cgi' when the 'category' CGI variable is passed to the perl open() function. Attackers can use directory traversal '../' character sequences and NULL bytes to specify any file and path on the filesystem.