CVE-2007-6176

CVE-2007-6176 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.

Learn more about our Web Application Penetration Testing UK.