viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gforge | Gforge | 3.21 | 3.21 |
Gforge | Gforge | 3.1 | 3.1 |
Gforge | Gforge | 3.2 | 3.2 |
Gforge | Gforge | 3.3 | 3.3 |