Incomplete Blacklist Vulnerability in CPAINT Allows Remote Code Execution
CVE-2005-2625 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist.
Learn more about our Web Application Penetration Testing UK.