Vulnerabilities > CVE-2002-1993 - Remote Command Execution vulnerability in WebScripts WebBBS

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
affordable-web-space-design
critical
exploit available

Summary

webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter.

Exploit-Db

descriptionWebScripts WebBBS 4.x/5.0 Remote Command Execution Vulnerability. CVE-2002-1993. Webapps exploit for cgi platform
idEDB-ID:21567
last seen2016-02-02
modified2002-06-06
published2002-06-06
reporterNERF Security
sourcehttps://www.exploit-db.com/download/21567/
titleWebScripts WebBBS 4.x/5.0 - Remote Command Execution Vulnerability