CVE-2003-1248

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request.

Ссылки

http://psoft.net/misc/webshell_patch.html
Patch
http://www.iss.net/security_center/static/11001.php
Patch
http://www.securityfocus.com/archive/1/305313
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6537
Patch
http://www.securityfocus.com/bid/6539
Patch
http://www.securitytracker.com/id?1005893
http://psoft.net/misc/webshell_patch.html
Patch
http://www.iss.net/security_center/static/11001.php
Patch
http://www.securityfocus.com/archive/1/305313
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6537
Patch
http://www.securityfocus.com/bid/6539
Patch
http://www.securitytracker.com/id?1005893

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:positive_software:h-sphere:2.3_rc3:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01848

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gp66-5wfx-mjpm

github

почти 4 года назад