Author: JT Smith
From SecurityFocus: “An insecurely call to the open() function leads to a failure to properly filter shell metacharacters from user supplied input. As a result, it is possible for an attacker to cause this script to execute arbitrary shell commands with the privilege of the webserver.”
Category:
- Linux