EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.
CPE | Name | Operator | Version |
---|---|---|---|
eprints3.4 | eq | 3.4.1-rc2 | |
eprints3.4 | eq | 3.4.2-rc1 | |
eprints3.4 | eq | 3.4.2 | |
eprints3.4 | eq | 3.4.2-rc3 | |
eprints3.4 | eq | 3.4.0 | |
eprints3.4 | eq | 3.4.1 | |
eprints3.4 | eq | 3.4.2-rc2 | |
eprints3.4 | eq | 3.4.0-rc1 |