2000-09-21 04:00:00
mitre
PUBLISHED
Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.