config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions prior to 4.06 allows remote malicious users to execute arbitrary commands via shell metacharacters in the file name during filename conversion.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fraunhofer fit bscw 3.4 |
||
fraunhofer fit bscw 4.0 |