Yarssr 0.2.2 GUI.PM Remote Code Injection Vulnerability



source: www.securityfocus.com/bid/26273/info   


Yarssr is prone to a remote code-injection vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to inject and execute arbitrary malicious Perl code with the privileges of the user running the application. Successful exploits can compromise the application and possibly the underlying computer; other attacks are also possible.

Yarssr 0.2.2 is vulnerable; other versions may also be affected. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30728.rss