sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote malicious users to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spencer miles w3mail 1.0.2 |