Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2003-1365

Published: 31/12/2003 Updated: 29/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Perl

Vulnerability Summary

The escape_dangerous_chars function in CGI::Lite 2.0 and previous versions does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote malicious users to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs.

Vulnerable Product Search on Vulmon Subscribe to Product

perl cgi lite 2.0

References

CWE-20http://www.securityfocus.com/archive/1/311414http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0065.htmlhttp://search.cpan.org/~smylers/CGI-Lite-2.02/Lite.pmhttp://use.perl.org/~cbrooks/journal/10542http://www.securityfocus.com/bid/6833http://securityreason.com/securityalert/3237https://exchange.xforce.ibmcloud.com/vulnerabilities/11308https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook