csSearch.cgi in csSearch 2.3 and previous versions allows remote malicious users to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cgiscript cssearch professional |