VULHUB ™

Post-It! is a CGI script which allows remote users to post comments and additions to an html file. The script fails to properly validate user-supplied CGI parameters, which are used to send email via a shell command. Maliciously formed URLs submitted to the script may contain shell commands which will be run with the privilege level of the webserver (ie 'nobody').

Post-It! is a CGI script which allows remote users to post comments and additions to an html file. The script fails to properly validate user-supplied CGI parameters, which are used to send email via a shell command. Maliciously formed URLs submitted to the script may contain shell commands which will be run with the privilege level of the webserver (ie 'nobody').