CVE-1999-1053

This Metasploit module exploits a command execution vulnerability in Matt Wright guestbook.pl by leveraging Server-Side Include (SSI) execution in the guestbook.html output. It requires HTML posting to be enabled and SSI support for .html files on the server.

This Metasploit module exploits a command injection vulnerability in Matt Wright guestbook.pl (CVE-1999-1053) by leveraging Server-Side Include (SSI) execution in the guestbook.html output. It sends a crafted POST request with a malicious SSI directive in the comments field, then triggers execution by accessing the output file.

This repository contains a functional Python script that exploits CVE-1999-1053, a Server-Side Include (SSI) injection vulnerability in Matt Wright Guestbook <= 2.3.1. The script sends a crafted POST request to inject SSI directives, which are then executed when the guestbook.html page is accessed.

This Metasploit module exploits a command execution vulnerability in Matt Wright guestbook.pl (CVE-1999-1053) by injecting SSI directives into the guestbook comments field, requiring HTML posting and SSI support on the server. The exploit sends a crafted POST request to execute arbitrary commands via the SSI exec directive.