Arbitrary Command Execution in license.php of op5 Monitor and op5 Appliance

Arbitrary Command Execution in license.php of op5 Monitor and op5 Appliance

CVE-2012-0261 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action.

Learn more about our Web Application Penetration Testing UK.