PT-2003-2310 · Cgi::Lite · Cgi::Lite
Ronald F. Guilmette · Published 2003-12-31 · Updated 2017-07-29 · CVE-2003-1365
CVSS v2.0: 5.0 Medium
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
CGI::Lite versions 2.0 and earlier
Description
The issue concerns the escape_dangerous_chars function, which fails to properly remove special characters, including backslash, ?, ~, ^, newline, and carriage return. This could allow remote attackers to read or write arbitrary files or execute arbitrary commands in shell scripts that rely on CGI::Lite for input filtering.
Recommendations
For CGI::Lite versions 2.0 and earlier, update to a version that correctly removes special characters, or as a temporary workaround, consider manually filtering out dangerous characters, including backslash, ?, ~, ^, newline, and carriage return, to prevent potential exploitation.
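The temporary workaround described above, written in Perl as an added example (not code from CGI::Lite or from this advisory); the helper names, the allowlist pattern and the sample inputs are assumptions. It goes one step beyond the text by also showing an allowlist check, which accepts only a known-safe character set instead of enumerating dangerous characters.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Characters the advisory names as not removed by the affected versions.
my %NAMED = (
    'backslash'       => "\\",
    'question mark'   => '?',
    'tilde'           => '~',
    'caret'           => '^',
    'newline'         => "\n",
    'carriage return' => "\r",
);

# Hypothetical helper: names of the advisory's characters present in $value.
sub find_named_chars {
    my ($value) = @_;
    my @found = grep { index($value, $NAMED{$_}) >= 0 } sort keys %NAMED;
    return @found;
}

# Hypothetical helper: the workaround itself, deleting those six characters.
sub strip_named_chars {
    my ($value) = @_;
    (my $clean = $value) =~ tr/\\?~^\n\r//d;
    return $clean;
}

# Hypothetical helper: allowlist check (assumed policy: 1-64 chars of
# letters, digits, underscore, dot, hyphen). \A and \z anchor the whole
# string; a trailing "$" would still accept a value ending in a newline.
sub is_allowlisted {
    my ($value) = @_;
    return $value =~ /\A[A-Za-z0-9_.-]{1,64}\z/ ? 1 : 0;
}

# Constructed sample inputs, not taken from any real request.
my @samples = ("report.txt", "a\\b", "notes~", "x?y", "line1\nline2", "^start\r");

for my $s (@samples) {
    # Render non-printable bytes as \xNN so the output stays on one line.
    (my $shown = $s) =~ s/([^\x20-\x7e])/sprintf('\\x%02x', ord($1))/ge;
    printf "%-14s named=[%s] stripped=%s allowlisted=%s\n",
        $shown,
        join(', ', find_named_chars($s)),
        strip_named_chars($s),
        is_allowlisted($s) ? 'yes' : 'no';
}
```

Where a script must run an external program with such a value, passing the arguments to system() as a list avoids shell interpretation of the value altogether.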
Exploit
Fix
RCE
Affected Products
Cgi::Lite