gnatsweb.pl in GNATS GnatsWeb 2.7 up to and including 3.95 allows remote malicious users to execute arbitrary commands via certain characters in the help_file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yngve svendsen gnatsweb 2.7_beta |
||
yngve svendsen gnatsweb 2.8.0 |
||
yngve svendsen gnatsweb 2.8.1 |
||
yngve svendsen gnatsweb 3.95 |