Arbitrary Code Execution and Privilege Escalation in Active Classifieds Free Edition 1.0

Arbitrary Code Execution and Privilege Escalation in Active Classifieds Free Edition 1.0

CVE-2001-1290 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter.

Learn more about our Web Application Penetration Testing UK.