Gforge · Gforge · CVE-2005-1752
**Name of the Vulnerable Software and Affected Versions**
Gforge versions prior to 4.0
**Description**
The issue allows remote attackers to execute arbitrary commands. This is achieved by using shell metacharacters in the `file name` parameter of the viewFile.php file in the scm component.
**Recommendations**
For versions prior to 4.0, consider restricting access to the viewFile.php file until a patch is available. As a temporary workaround, avoid using shell metacharacters in the `file name` parameter to minimize the risk of exploitation.