CVE-2002-2420
Super Site Searcher - Remote Command Execution via Page Parameter
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2002-2420. PoCs published by luca.ercoli, krdsploit.
AI-analyzed exploit summary This exploit demonstrates a command injection vulnerability in Super Site Searcher and Simple Site Searcher. The vulnerability arises from inadequate filtering of shell metacharacters in the 'page' parameter, allowing arbitrary command execution with the privileges of the webserver process.
Description
site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
Exploits (2)
This exploit demonstrates a command injection vulnerability in Super Site Searcher and Simple Site Searcher. The vulnerability arises from inadequate filtering of shell metacharacters in the 'page' parameter, allowing arbitrary command execution with the privileges of the webserver process.
This repository contains a Metasploit module for CVE-2002-2420, which exploits a command injection vulnerability in Super Site Searcher's site_searcher.cgi via shell metacharacters in the 'page' parameter. The exploit allows remote command execution on the target system.