Security Advisory

CVE-2013-3506

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-05-08 10:00:00

Last updated 2024-09-16 19:41:37

Assigner mitre

State PUBLISHED

Description

cgi-bin/performance/perfchart.cgi in the Performance component in GroundWork Monitor Enterprise 6.7.0 does not properly restrict XML content, which allows remote attackers to execute arbitrary commands by creating a .shtml file and leveraging Server Side Includes (SSI) functionality.

← Browse all CVEs View on cve.org ↗