Summary
The eShop (WebDiscount) CGI is installed. A security problem in this CGI allows anyone to execute arbitrary commands with the privileges of the web server.
Solution
Contact the author for a patch.
Additional information:
http://www.securiteam.com/unixfocus/5JP0M005FU.html
Severity
Classification
-
CVE CVE-2001-1014 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- A-A-S Application Access Server Multiple Vulnerabilities
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
- Avenger's News System Command Execution