Cgicentral: >> Webstore 400cs Security Vulnerabilities
ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.
CVSS Score
7.5
EPSS Score
0.078
Published
2001-06-12
WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot).
CVSS Score
7.5
EPSS Score
0.033
Published
2001-06-12