PT-2002-2714 · Webbbs · Webbbs
Publicado
2002-12-31
·
Atualizado
2008-09-05
·
CVE-2002-1993
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
WebBBS versions 4.0 through 5.0
Description
The issue allows remote attackers to execute arbitrary commands. This is achieved by injecting shell metacharacters into the
followup parameter in the webbbs post.pl script.Recommendations
For WebBBS versions 4.0 through 5.0, avoid using the
followup parameter in the webbbs post.pl script until a fix is available. Consider restricting access to the webbbs post.pl script to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Webbbs