header-logo
Suggest Exploit
vendor:
GoScript
by:
Pete Stein
9.8
CVSS
CRITICAL
Remote Command Execution
78
CWE
Product Name: GoScript
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

GoScript Remote Command Execution Vulnerability

The vulnerability allows remote attackers to execute arbitrary commands on a target system by injecting malicious commands in the 'go.cgi' parameter of the GoScript application. This can lead to unauthorized actions being performed on the victim's computer.

Mitigation:

To mitigate this vulnerability, it is recommended to apply the latest security patches and updates provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10853/info

Pete Stein GoScript is prone to a remote command execution vulnerability. 

This may allow remote attackers to perform unauthorized actions on a victim computer in the context of the hosting Web server.

http://www.example.com/go.cgi?|id|
http://www.example.com/go.cgi?artarchive=|id|

Navigation

Suggest Exploit

Services By CQR