Arbitrary Command Execution in Ikonboard 2.1.7b and Earlier via register.cgi

Arbitrary Command Execution in Ikonboard 2.1.7b and Earlier via register.cgi

CVE-2001-0076 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed.

Learn more about our Internal Network Penetration Testing.