First published: Thu Oct 30 2008(Updated: )
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Snoopy Project Snoopy | <=1.2.3 | |
Debian Debian Linux | =4.0 | |
Debian Debian Linux | =5.0 | |
Nagios Nagios | <4.2.2 | |
WordPress WordPress | <2.6.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.