Vulnerability Details CVE-2021-29393
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.142
EPSS Ranking 94.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2021-29393
-
cpe:2.3:a:globalnorthstar:northstar_club_management:6.3