CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Isucon: >> Isucon 5 Qualifier Eventapp Security Vulnerabilities

CVE-2015-5673

eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015-10-30 makes improper popen calls, which allows remote attackers to execute arbitrary commands via an HTTP request that includes shell metacharacters in an argument to a "gcloud compute" command.

CVSS Score

6.5

EPSS Score

0.005

Published

2015-11-04

Page 1

Vulnerabilities

Vulnerable Software

Isucon: >> Isucon 5 Qualifier Eventapp Security Vulnerabilities

Products

Pricing

Contact Us