CVE-2019-15503

cgi-cpn/xcoding/prontusvideocut.cgi in AltaVoz Prontus aka ProntusCMS through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter...