VULHUB ™

WebGlimpse is a web search and index software package. It is maintained by public domain, and licensed by the University of Arizona. WebGlimpse does not properly sanitize input. By not doing so, it is possible for a remote user to pass arbitrary commands through the web interface to the underlying system. This problem can be exploited through encapsulating arbitrary commands with backquotes (`). This could allow remote command execution with the privileges of the http server process.

WebGlimpse is a web search and index software package. It is maintained by public domain, and licensed by the University of Arizona. WebGlimpse does not properly sanitize input. By not doing so, it is possible for a remote user to pass arbitrary commands through the web interface to the underlying system. This problem can be exploited through encapsulating arbitrary commands with backquotes (`). This could allow remote command execution with the privileges of the http server process.