CVE-1999-1437
ePerl 2.2.12 - Arbitrary File Read and Command Execution via bar.phtml Argument
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-1437. PoCs published by Luz Pinto.
AI-analyzed exploit summary The exploit describes a vulnerability in ePerl where ISINDEX queries allow arbitrary code execution via command-line arguments passed to the ePerl interpreter. The attacker can execute any code on the filesystem by manipulating the query path.
Description
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
Exploits (1)
The exploit describes a vulnerability in ePerl where ISINDEX queries allow arbitrary code execution via command-line arguments passed to the ePerl interpreter. The attacker can execute any code on the filesystem by manipulating the query path.