CVE-2014-5090

Name of the Vulnerable Software and Affected Versions Status2k (affected versions not specified)

Description The issue allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the Location field in Add Logs in the Admin Panel. This is possible due to a lack of proper input validation in the admin/options/logs.php file.

Recommendations For Status2k, consider restricting access to the admin/options/logs.php file until a patch is available. As a temporary workaround, avoid using shell metacharacters in the Location field in Add Logs in the Admin Panel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.