WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection

EDB-ID:

36974

CVE:

N/A




Platform:

CGI

Date:

2012-03-20


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

source: https://www.securityfocus.com/bid/52627/info

WebGlimpse is prone to a remote command-injection vulnerability.

Attackers can exploit this issue to execute arbitrary commands in the context of the application.

WebGlimpse versions prior to 20.20.0 are affected. 

query=%27%26command+and+arguments+go+here%26%27