Описание
myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.
myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0628
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24501
- http://attrition.org/pipermail/vim/2006-February/000537.html
- http://secunia.com/advisories/18737
- http://securityreason.com/securityalert/409
- http://www.corantodemo.net/coranto/viewnews.cgi?id=EpApAAAVkyirPGThSf&style=dldetails
- http://www.evuln.com/vulns/57/summary.html
- http://www.osvdb.org/22925
- http://www.securityfocus.com/archive/1/423921/100/0/threaded
- http://www.securityfocus.com/archive/1/424266/100/0/threaded
- http://www.vupen.com/english/advisories/2006/0443
EPSS
Процентиль: 96%
0.29207
Средний
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.
EPSS
Процентиль: 96%
0.29207
Средний