2004-03-18 05:00:00
mitre
PUBLISHED
X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.