source: wwwsecurityfocuscom/bid/770/info
There are several CGI programs that ship with the Alibaba webserver Many of these do not do proper input handling, and therefore will allow requests for access to files outside of normal or safe webserver practice This results in various situations where an attacker can view, overwrite, create an ...