The htdig (ht://Dig) CGI program htsearch allows remote malicious users to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
htdig htdig 3.1.3 |
||
htdig htdig 3.2.0b1 |
||
htdig htdig 3.1.1 |
||
htdig htdig 3.1.2 |
||
htdig htdig 3.1.4 |