Mod_Survey is a Perl module which allows web users to create online questionnaires. It is written and maintained by Joel Palmius. Mod_Survey does not adequately validate user-supplied input: a number of characters are not sanitized from text fields or HTTP requests. For example, semicolons (;) are used to delimit fields in Mod_Survey, and extraneous semicolons in input may cause unexpected behavior. Additionally, a specially crafted request containing shell metacharacters may make it possible for a remote attacker to execute arbitrary commands on the shell of the host, though this possibility has not been confirmed.
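The delimiter problem described above, shown as an added example that is not Mod_Survey's own code. The record layout (one answer set per line, fields joined with `;`) and the function names `encode_naive`, `encode_safe` and `decode_safe` are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical record layout (an assumption, not Mod_Survey's real format):
# one answer set per line, fields joined with ';'.

# Naive writer: joins raw input, so a ';' inside an answer adds a field.
sub encode_naive {
    my @fields = @_;
    return join(';', @fields);
}

# Hardened writer: validate, then escape the delimiter and the escape character.
sub encode_safe {
    my @fields = @_;
    my @out;
    for my $f (@fields) {
        # Reject control characters, including newlines that would split the record.
        die "control character in field\n" if $f =~ /[\x00-\x1f\x7f]/;
        (my $e = $f) =~ s/([\\;])/\\$1/g;
        push @out, $e;
    }
    return join(';', @out);
}

# Matching reader: split only on unescaped ';', then undo the escaping.
sub decode_safe {
    my ($line) = @_;
    my @fields = ('');
    my $esc = 0;
    for my $ch (split //, $line) {
        if    ($esc)         { $fields[-1] .= $ch; $esc = 0; }
        elsif ($ch eq '\\')  { $esc = 1; }
        elsif ($ch eq ';')   { push @fields, ''; }
        else                 { $fields[-1] .= $ch; }
    }
    return @fields;
}

# Constructed sample input: three answers, the second containing a semicolon.
my @answers = ('alice', 'yes; and no', '42');

my @naive = split /;/, encode_naive(@answers), -1;
my @safe  = decode_safe(encode_safe(@answers));

printf "naive: %d fields in, %d fields out\n", scalar @answers, scalar @naive;
printf "safe:  %d fields in, %d fields out\n", scalar @answers, scalar @safe;
```

With the naive writer the three submitted answers are read back as four fields, shifting every later column; the escaped form round-trips as three.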