VULHUB ™

psInclude has been reported prone to a remote arbitrary command execution vulnerability. The psInclude cgi application receives and processes one URI parameter, this parameter is named "template". Due to a lack of sufficient sanitization performed on the "template" parameter, it is possible for an attacker to supply shell metacharacters and commands as its value. A remote attacker may exploit this condition to execute arbitrary commands in the context of the web server that is hosting the vulnerable application.

psInclude has been reported prone to a remote arbitrary command execution vulnerability. The psInclude cgi application receives and processes one URI parameter, this parameter is named "template". Due to a lack of sufficient sanitization performed on the "template" parameter, it is possible for an attacker to supply shell metacharacters and commands as its value. A remote attacker may exploit this condition to execute arbitrary commands in the context of the web server that is hosting the vulnerable application.