The getemails function in C.J. Steele Tattle allows remote malicious users to execute arbitrary commands via shell metacharacters in certain log entries, as demonstrated using shell metacharacters in an FTP username.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|