Description
Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.
Affected products
- charles_steinkuehler / sh-httpd0.3 – 0.3
- charles_steinkuehler / sh-httpd0.4 – 0.4