Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-2347. PoCs published by ActualMInd.
AI-analyzed exploit summary This exploit leverages insufficient sanitization of shell metacharacters in Web Blog's 'blog.cgi' script, allowing remote command execution via the 'file' parameter. The vulnerability is triggered by injecting shell commands directly into the URL.
Description
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.
Exploits (1)
This exploit leverages insufficient sanitization of shell metacharacters in Web Blog's 'blog.cgi' script, allowing remote command execution via the 'file' parameter. The vulnerability is triggered by injecting shell commands directly into the URL.