quikstore.cgi in Quikstore Shopping Cart allows remote malicious users to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
i-soft quikstore