Description
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Revin Aldi · perlwebappscgi
https://www.exploit-db.com/exploits/22572
exploitdb
WORKING POC
VERIFIED
by Revin Aldi · perlwebappscgi
https://www.exploit-db.com/exploits/22571
Scores
EPSS
0.0421
EPSS Percentile
88.8%
Details
Status
published
Products (2)
happycgi/happymall
4.3
happycgi/happymall
4.4
Published
May 27, 2003
Tracked Since
Feb 18, 2026