Arbitrary Command Execution via URL Handling in Pine 4.43 and Earlier

Arbitrary Command Execution via URL Handling in Pine 4.43 and Earlier

CVE-2002-0014 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).

Learn more about our Web Application Penetration Testing UK.