A module in Roxen 2.0 prior to 2.0.92, and 2.1 prior to 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote malicious user to execute arbitrary commands or view arbitrary files via an encoded URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
roxen roxen webserver 2.0 |
||
roxen roxen webserver 2.1 |