3 matches found
CVE-1999-0196
websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter $VARreceiver variable...
CVE-1999-0196
WebGais Websendmail CGI (Webgais 1.0) is affected. The vulnerability enables a remote user to access arbitrary files and execute arbitrary code via the receiver parameter in the CGI (VAR_receiver), allowing command execution with the web server daemon’s privileges. Red Hat and CVE records corrobo...
WebGais websendmail CGI Arbitrary Command Execution
The 'websendmail' program, part of Webgais, appears to be installed on the remote host. This CGI script has a well-known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, In...