Remote File Read and Arbitrary CGI Script Execution in Charles Steinkuehler sh-httpd 0.3 and 0.4

Remote File Read and Arbitrary CGI Script Execution in Charles Steinkuehler sh-httpd 0.3 and 0.4

CVE-2003-1137 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.

Learn more about our Web Application Penetration Testing UK.