Arbitrary Command Execution in E-Cart 2004 1.1 and Earlier via index.cgi

Arbitrary Command Execution in E-Cart 2004 1.1 and Earlier via index.cgi

CVE-2005-1289 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and possibly (2) cat parameters.

Learn more about our Web Application Penetration Testing UK.