2 matches found
CVE-2018-14429
man-cgi before 1.16 allows Local File Inclusion via absolute path traversal, as demonstrated by a cgi-bin/man-cgi?/etc/passwd URI...
CVE-2018-14429
CVE-2018-14429 affects man-cgi before 1.16. Summary: Local File Inclusion via absolute path traversal using a crafted cgi-bin/man-cgi? URL (example: /cgi-bin/man-cgi?/etc/passwd). Root cause: the script’s handling of the parameter leads to reading local files by calling the man command. Impact: i...