header-logo
Suggest Exploit
vendor:
iOffice
by:
9.8
CVSS
CRITICAL
Remote Command Execution
78
CWE
Product Name: iOffice
Affected Version From: 0.1
Affected Version To: 0.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

iOffice Remote Command Execution Vulnerability

iOffice is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected software and the underlying server.

Mitigation:

Update to the latest version of iOffice to fix the vulnerability. Additionally, input validation and sanitization should be implemented to prevent similar issues in the future.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41768/info

iOffice is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input.

Successful attacks can compromise the affected software and the underlying server.

iOffice 0.1 is affected; other versions may also be vulnerable.

http://www.example.com/cgi-bin/index.pl?section_name=whatever&section=ioffice&parametre=|id|