CVE-2004-0734

extropia_webstore - Remote Code Execution via Web_Store.cgi Page Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0734. PoCs published by Action Spider.

AI-analyzed exploit summary This Perl script exploits a remote command execution vulnerability in web_store.cgi by injecting a reverse shell payload via the 'page' parameter. It establishes a connection to the target server and sends a crafted HTTP POST request to trigger the vulnerability.

Description

Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Action Spider · perlwebappscgi
https://www.exploit-db.com/exploits/1048

This Perl script exploits a remote command execution vulnerability in web_store.cgi by injecting a reverse shell payload via the 'page' parameter. It establishes a connection to the target server and sends a crafted HTTP POST request to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: web_store.cgi (version not specified)
No auth needed
Prerequisites: Network access to the target server · Perl environment to run the script · Netcat or similar tool to listen for the reverse shell
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16710
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109008402715874&w=2
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10744

Scores

EPSS 0.0361
EPSS Percentile 88.0%

Details

Status published
Products (2)
extropia/extropia_webstore 1.0
extropia/extropia_webstore 2.0
Published Jul 27, 2004
Tracked Since Feb 18, 2026