Arbitrary Command Execution via URL Handling in Pine 4.43 and Earlier

CVE-2002-0014

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).

Learn more about our Web Application Penetration Testing UK.