CVE-2002-0612
FileSeek.cgi - Remote Command Execution via Head or Foot Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-0612. PoCs published by Thijs Bosschert.
AI-analyzed exploit summary The exploit demonstrates command injection in FileSeek.cgi and FileSeek2.cgi due to improper filtering of shell metacharacters. Attackers can execute arbitrary commands with webserver privileges via crafted HTTP requests.
Description
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Thijs Bosschert · textwebappscgi
https://www.exploit-db.com/exploits/22227
The exploit demonstrates command injection in FileSeek.cgi and FileSeek2.cgi due to improper filtering of shell metacharacters. Attackers can execute arbitrary commands with webserver privileges via crafted HTTP requests.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
FileSeek.cgi and FileSeek2.cgi from The CGI/Perl Cookbook
No auth needed
Prerequisites:
Vulnerable FileSeek.cgi or FileSeek2.cgi script accessible on a web server
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8857.php
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_vuln-dev
http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0132.html
Scores
EPSS
0.0337
EPSS Percentile
87.3%
Details
Status
published
Products (1)
craig_patchett/fileseek
Published
Jun 18, 2002
Tracked Since
Feb 18, 2026