Arbitrary Command Execution in GNATS GnatsWeb 2.7 through 3.95 via help_file Parameter

Arbitrary Command Execution in GNATS GnatsWeb 2.7 through 3.95 via help_file Parameter

CVE-2001-0808 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.

Learn more about our Web App Pen Testing.