CVE-2004-1888

Aborior Encore WebForum - Command Injection

Title source: llm

Description

display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable.

Exploits (1)

exploitdb WORKING POC VERIFIED

by K-159 · perlwebappscgi

https://www.exploit-db.com/exploits/23907

View Code ZIP pw:eip

References (7)

[Exploit] http://www.securityfocus.com/bid/10040

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/437813/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15725

[Third Party Advisory, VDB Entry] http://www.osvdb.org/16831

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/437978/100/0/threaded

[Mailing List] http://marc.info/?l=bugtraq&m=108100973820868&w=2

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1009652

Scores

EPSS 0.0925

EPSS Percentile 92.7%

Details

Status published

Products (1)

aborior/encore_web_forum

Published Dec 31, 2004

Tracked Since Feb 18, 2026