Steve Grimm Un-cgi : Security vulnerabilities, CVEs

Copy

CVE-2001-1242

Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.

Max CVSS

7.5

EPSS Score

2.57%

Published

2001-07-17

Updated

2008-09-10

CVE-2001-1241

Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name.

Max CVSS

7.5

EPSS Score

6.90%

Published

2001-07-17

Updated

2008-09-10

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!