Vulnerabilities > CVE-2004-2275 - Remote Command Execution vulnerability in I-Mall Commerce I-mall Script
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit. CVE-2004-2275. Webapps exploit for cgi platform |
id | EDB-ID:980 |
last seen | 2016-01-31 |
modified | 2005-05-04 |
published | 2005-05-04 |
reporter | Jerome Athias |
source | https://www.exploit-db.com/download/980/ |
title | I-Mall Commerce i-mall.cgi Remote Command Execution Exploit |
Nessus
NASL family | CGI abuses |
NASL id | I-MALL_CGI.NASL |
description | The script i-mall.cgi is installed. Some versions of this script are vulnerable to remote command execution flaw, due to insufficient user input sanitization to the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15750 |
published | 2004-11-18 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15750 |
title | Webman I-Mall i-mall.cgi Arbitrary Command Execution |
code |
|