Описание
dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatch
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:dcscripts:dcforum:1.0:*:*:*:*:*:*:*
cpe:2.3:a:dcscripts:dcforum:2.0:*:*:*:*:*:*:*
cpe:2.3:a:dcscripts:dcforum:3.0:*:*:*:*:*:*:*
cpe:2.3:a:dcscripts:dcforum:4.0:*:*:*:*:*:*:*
cpe:2.3:a:dcscripts:dcforum:5.0:*:*:*:*:*:*:*
cpe:2.3:a:dcscripts:dcforum:6.0:*:*:*:*:*:*:*
cpe:2.3:a:dcscripts:dcforum_2000:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02032
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.
EPSS
Процентиль: 83%
0.02032
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other