Nick Cleaton

1 exploit Active since Sep 2003
CVE-2003-0770 EXPLOITDB perl WORKING POC
IkonBoard <= 3.1.2a - Remote Code Execution via Lang Cookie Injection
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement.