Описание
sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.
Ссылки
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:spencer_miles:w3mail:1.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01483
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.
EPSS
Процентиль: 80%
0.01483
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other