VULHUB ™

Horde Chora Viewer is reported to be prone to a remote command execution vulnerability. The vulnerability is reported to exist due to a lack of sanitization performed on values that may be user-supplied. Shell metacharacters that are included as a value for the affected URI parameter may result in attacker specified shell commands being executed in an exec() call. Command execution will occur in the context of the affected web server. Chora versions up to an including version 1.2.1 are reported to be affected by this vulnerability.

Horde Chora Viewer is reported to be prone to a remote command execution vulnerability. The vulnerability is reported to exist due to a lack of sanitization performed on values that may be user-supplied. Shell metacharacters that are included as a value for the affected URI parameter may result in attacker specified shell commands being executed in an exec() call. Command execution will occur in the context of the affected web server. Chora versions up to an including version 1.2.1 are reported to be affected by this vulnerability.