gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yngve_svendsen | gnatsweb | 2.8.0 |
| yngve_svendsen | gnatsweb | 2.8.1 |
| yngve_svendsen | gnatsweb | 3.95 |
| yngve_svendsen | gnatsweb | 2.7_beta |