6 matches found
EUVD-2003-1355
Malware in sbrugna...
CVE-2003-1365
The escapedangerouschars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including 1 "" backslash, 2 "?", 3 "" tilde, 4 "^" carat, 5 newline, or 6 carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands...
CVE-2003-1365
The CVE-2003-1365 entry concerns the escape_dangerous_chars function in CGI::Lite 2.0 and earlier. The function fails to remove certain dangerous characters (backslash, ?, ~, ^, newline, and carriage return), allowing remote attackers to read or write arbitrary files or execute arbitrary commands...
CVE-2003-1365
The escapedangerouschars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including 1 "" backslash, 2 "?", 3 "" tilde, 4 "^" carat, 5 newline, or 6 carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands...
CGI::Lite protection bypass
Not all dangerous shell characters are filtered by CGI::Lite::escapedangerouschars...
Security bug in CGI::Lite::escape_dangerous_chars() function
SUBJECT Security bug in CGI::Lite::escapedangerouschars function, part of the CGI::Lite 2.0 package, and earlier revisions thereof. SUMMARY The CGI::Lite::escapedangerouschars function fails to escape the entire set of special characters that may have significance to the underlying shell command...