CVE-2009-1361

Gscripts DNS Tools - Improper Input Validation

Title source: rule

Description

dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/8454

View Code ZIP pw:eip

References (1)

[Vendor Advisory] http://secunia.com/advisories/34773

Scores

EPSS 0.0300

EPSS Percentile 86.6%

Details

CWE

CWE-20

Status published

Products (1)

gscripts/dns_tools

Published Apr 22, 2009

Tracked Since Feb 18, 2026