Описание
perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
Ссылки
- ExploitVendor Advisory
- Exploit
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 0.4 (включая)
Одно из
cpe:2.3:a:perlpodder:perlpodder:*:*:*:*:*:*:*:*
cpe:2.3:a:perlpodder:perlpodder:0.2:*:*:*:*:*:*:*
cpe:2.3:a:perlpodder:perlpodder:0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05249
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
EPSS
Процентиль: 90%
0.05249
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other