Lucene search
GoogleOSV:CVE-2021-26704HistoryMar 01, 2021 - 10:15 p.m.
CVE-2021-26704
2021-03-0122:15:14
Google
osv.dev
2
EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eprints3.4 | eq | 3.4.1-rc2 | |
| eprints3.4 | eq | 3.4.2-rc1 | |
| eprints3.4 | eq | 3.4.2 | |
| eprints3.4 | eq | 3.4.2-rc3 | |
| eprints3.4 | eq | 3.4.0 | |
| eprints3.4 | eq | 3.4.1 | |
| eprints3.4 | eq | 3.4.2-rc2 | |
| eprints3.4 | eq | 3.4.0-rc1 |
Related
nvd
nvd
CVE-2021-26704
2021-03-01 22:15:14
cve
cve
CVE-2021-26704
2021-03-01 22:15:14
checkpoint_advisories
checkpoint_advisories
EPrints Command Injection (CVE-2021-26704)
2021-03-24 00:00:00
cvelist
cvelist
CVE-2021-26704
2021-03-01 21:02:16
prion
prion
Input validation
2021-03-01 22:15:00