Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Auction_weaver |
Cgi_script_center |
1.0 |
1.0 |
Auction_weaver |
Cgi_script_center |
1.02 |
1.02 |
References