Description
webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter.
Affected products
- affordable_web_space_design / affordable_web_space_design_webbbs4.0 – 4.0
- affordable_web_space_design / affordable_web_space_design_webbbs4.1 – 4.1
- affordable_web_space_design / affordable_web_space_design_webbbs4.2 – 4.2
- affordable_web_space_design / affordable_web_space_design_webbbs4.10 – 4.10
- affordable_web_space_design / affordable_web_space_design_webbbs4.11 – 4.11
- affordable_web_space_design / affordable_web_space_design_webbbs4.12 – 4.12
- affordable_web_space_design / affordable_web_space_design_webbbs4.20 – 4.20
- affordable_web_space_design / affordable_web_space_design_webbbs4.21 – 4.21
- affordable_web_space_design / affordable_web_space_design_webbbs4.22 – 4.22
- affordable_web_space_design / affordable_web_space_design_webbbs4.30 – 4.30
- affordable_web_space_design / affordable_web_space_design_webbbs4.31 – 4.31
- affordable_web_space_design / affordable_web_space_design_webbbs4.32 – 4.32
- affordable_web_space_design / affordable_web_space_design_webbbs4.33 – 4.33
- affordable_web_space_design / affordable_web_space_design_webbbs5.0 – 5.0