4 matches found
CVE-2001-0025
CVE-2001-0025 affects the ad.cgi CGI program by Leif Wright. The vulnerability allows remote arbitrary command execution via shell metacharacters in the file parameter, with the CGI typically running under web server privileges (often root or nobody). The issue is documented in multiple sources (...
CVE-2005-1351
CVE-2005-1351 concerns the ad.cgi script, which allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network access, low complexity, no authentication, and partial impacts to confidentiality, in...
CVE-2005-1350
CVE-2005-1350 concerns the ad.cgi script which allows remote attackers to read arbitrary files by supplying a full pathname as the argument. The vulnerability is confirmed in multiple sources (NVD/NVD-derived records); the CVSS v2 base score is 5.0 (Medium) with network access and low attack comp...
CVE-2005-1352
CVE-2005-1352 describes an XSS vulnerability in the ad.cgi script that allows remote attackers to inject arbitrary web script or HTML via the argument. Evidence comes from NVD/CVE records; the exact affected product, version, and root cause details beyond “ad.cgi script” are not specified in the ...