WebAPP Apage.CGI Remote Command Execution Flaw Network Vulnerability

Summary

Due to a lack of user input validation, an attacker can exploit the 'apage.cgi' script in the version of WebAPP on the remote host to execute arbitrary commands on the remote host with the privileges of the web server.

Solution

Upgrade to WebAPP version 0.9.9.2 or newer.

Severity

Classification

CVE CVE-2005-1628

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ATutor < 1.5.1-pl1 Multiple Flaws
Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability
4psa Voipnow Local File Inclusion Vulnerability
4Images <= 1.7.1 Directory Traversal Vulnerability
Admin Bot 'news.php' SQL Injection Vulnerability

WebAPP Apage.CGI remote command execution flaw

Take action and discover your vulnerabilities