CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7012

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0520%
EPSS Percentile1.74th
PublishedFeb 15, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter of a show_text action.

Affected Platforms (CPE)

πŸ“¦
Scart

Scart

= 2.0

References & Advisories

πŸ”— http://advisories.echo.or.id/adv/adv32-K-159-2006.txt
πŸ”— http://securityreason.com/securityalert/2257
πŸ”— http://www.securityfocus.com/archive/1/435861/30/4710/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/26921
πŸ”— https://www.exploit-db.com/exploits/1876
πŸ”— http://advisories.echo.or.id/adv/adv32-K-159-2006.txt
πŸ”— http://securityreason.com/securityalert/2257
πŸ”— http://www.securityfocus.com/archive/1/435861/30/4710/threaded

Related Vulnerabilities

CVE-2006-28147.5

Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remo...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...

CVE-2006-028310.0

Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, ...