CVE Vulnerabilities

CVE-2004-2776

Published: Dec 31, 2019 | Modified: Jan 14, 2020
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter.

Affected Software

Name Vendor Start Version End Version
Goscript Goscript_project 2.0 (including) 2.0 (including)

References