Description
CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter.
Affected products
- cdomain / cdomainfree1.0 – 1.0
- cdomain / cdomainfree2.0 – 2.0
- cdomain / cdomainfree2.1 – 2.1
- cdomain / cdomainfree2.2 – 2.2
- cdomain / cdomainfree2.3 – 2.3
- cdomain / cdomainfree2.4 – 2.4