RSS   Vulnerabilities for 'Webstore 400'   RSS

2001-06-12
 
CVE-2001-1344

CWE-Other
 

 
WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot).

 
 
CVE-2001-1343

CWE-Other
 

 
ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.

 

 >>> Vendor: Cgicentral 2 Products
Webstore 400
Webstore 400cs


Copyright 2024, cxsecurity.com

 

Back to Top