VULHUB ™

CVSTrac is affected by a remote command execution vulnerability in the 'filediff' functionality. This issue is due to an input validation error that allows for the appending of shell commands. An attacker could leverage this issue to execute arbitrary shell commands on a vulnerable computer with the privileges of the web server process.

CVSTrac is affected by a remote command execution vulnerability in the 'filediff' functionality. This issue is due to an input validation error that allows for the appending of shell commands. An attacker could leverage this issue to execute arbitrary shell commands on a vulnerable computer with the privileges of the web server process.