Fraunhofer Fit: >> Bscw >> 4.0 Security Vulnerabilities
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.
CVSS Score
7.5
EPSS Score
0.012
Published
2002-03-25
The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed.
CVSS Score
7.5
EPSS Score
0.031
Published
2002-03-25