Description
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by loophole · perlremotemultiple
https://www.exploit-db.com/exploits/19691
Scores
EPSS
0.0533
EPSS Percentile
90.1%
Details
Status
published
Products (1)
tony_greenwood/webwho\+
1.1
Published
Dec 26, 1999
Tracked Since
Feb 18, 2026