Description
dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by pokleyzz sakamaniaka · textwebappscgi
https://www.exploit-db.com/exploits/21352
References (1)
Core 1
Core References
Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-03/0302.html
Scores
EPSS
0.0560
EPSS Percentile
90.4%
Details
Status
published
Products (1)
dcscripts/dcshop
1.002_beta
Published
Aug 12, 2002
Tracked Since
Feb 18, 2026