EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI.
CPE | Name | Operator | Version |
---|---|---|---|
eprints3.4 | eq | 3.4.1-rc2 | |
eprints3.4 | eq | 3.4.2-rc1 | |
eprints3.4 | eq | 3.4.2 | |
eprints3.4 | eq | 3.4.2-rc3 | |
eprints3.4 | eq | 3.4.0 | |
eprints3.4 | eq | 3.4.1 | |
eprints3.4 | eq | 3.4.2-rc2 | |
eprints3.4 | eq | 3.4.0-rc1 |