CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cgiscript.net csnews 1.0 |
||
cgiscript.net csnews 1.0 professional |