CyberSec.Space Logo
Back to CVE Browser

CVE-2005-2290

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile19.69th
PublishedJul 18, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and (2) cat variables.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=112128870110418&w=2
πŸ”— http://secunia.com/advisories/15780
πŸ”— http://securitytracker.com/id?1014480
πŸ”— http://www.securityfocus.com/bid/14245
πŸ”— http://marc.info/?l=bugtraq&m=112128870110418&w=2
πŸ”— http://secunia.com/advisories/15780
πŸ”— http://securitytracker.com/id?1014480
πŸ”— http://www.securityfocus.com/bid/14245

Related Vulnerabilities

CVE-2005-103710.0

Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.

CVE-2005-129910.0

The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...

CVE-2005-063510.0

Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.