Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| y.sak | y.sak | * |