header-logo
Suggest Exploit
vendor:
Athena Web Registration
by:
SecurityFocus
8.8
CVSS
HIGH
Command Injection
78
CWE
Product Name: Athena Web Registration
Affected Version From: Athena Web Registration scripts
Affected Version To: Athena Web Registration scripts
Patch Exists: YES
Related CWE: CVE-2003-0252
CPE: a:athena_software:athena_web_registration
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2003

A problem has been reported in the handling of user-supplied input by the Athena Web Registration scripts

The Athena Web Registration scripts are vulnerable to command injection attacks due to insufficient input validation. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server, which will then execute the injected command.

Mitigation:

Input validation should be performed on all user-supplied data to ensure that it does not contain malicious commands.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9349/info

A problem has been reported in the handling of user-supplied input by the Athena Web Registration scripts. Because of this, it may be possible for an attacker to gain unauthorized access to a vulnerable system. 

http://www.example.com/athenareg.php?pass=%20;whoami

Navigation

Suggest Exploit

Services By CQR