CVE-2019-15503

Publication date

2019-08-26 17:21:43

Family

mitre

State

PUBLISHED

Description

cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter.