Hi All, This is Yet Another Bad Perl Script. everythingform.cgi uses a hidden field 'config' to determine where to read configuration data from. --code snippit-- .. $ConfigFile = $in{config}; .. open(CONFIG, "$configdir$ConfigFile") || &Error("I can\'t open $ConfigFile in the ReadConfig subroutine. Reason: $!"); ------------ Information regarding everythingform can be found at: http://www.conservatives.net/atheist/scripts/index.html?everythingform Sample exploit:
--rpc