Arbitrary Perl Code Execution in CGIScript.net csNews.cgi

Arbitrary Perl Code Execution in CGIScript.net csNews.cgi

CVE-2002-0924 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability.

Learn more about our User Device Pen Test.