WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
https://github.com/websvnphp/websvn/pull/142 https://github.com/websvnphp/websvn/commit/88fce56b7b9dbfc0fe2629217c3bff2c2e751920