CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2001/05/03 4:0 a.m.•12 views

CVE-2001-0271

mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters...

10CVSS7.6AI score0.02314EPSS

Exploits1References2

Cvelist•added 2001/04/04 4:0 a.m.•17 views

CVE-2001-0271

mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters...

7.6AI score0.02314EPSS

Exploits1References2

CVE•added 2001/04/04 4:0 a.m.•51 views

CVE-2001-0271

CVE-2001-0271 affects mailnews.cgi (version 1.3 and earlier). The vulnerability allows remote attackers to execute arbitrary commands by supplying a user name that contains shell metacharacters. This is a remote command-execution flaw with high impact (complete confidentiality, integrity, and ava...

10CVSS7.7AI score0.02314EPSS

Exploits1References2Affected Software1

Tenable Nessus•added 2001/03/25 12:0 a.m.•125 views

MAILNEWS mailnews.cgi Arbitrary Command Execution

mailnews.cgi is being hosted on the remote web server. Input to the 'address' parameter is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands with the privileges of the web server. Please note Nessus only checked for the presence of this CGI, and did not...

10CVSS6AI score0.02314EPSS

Exploits1References2