Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6041

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2013-6041
Last Modified 08 Jan 2015 08:38:09
Published 27 Dec 2014 01:59:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-6041

Summary

index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in a SOFTCookies sid cookie within a login action.

Vulnerable Systems

Application

  • Softaculous Webuzo 2.1.0

  • Softaculous Webuzo 2.1.1

  • Softaculous Webuzo 2.1.2

  • Softaculous Webuzo 2.1.3


References

MISC - https://web.archive.org/web/20140126212101/http://www.baesystemsdetica.com.au/Research/Advisories/Webuzo-Multiple-Vulnerabilities-(DS-2013-007)

CONFIRM - http://www.softaculous.com/board/index.php?tid=4526&title=Webuzo_2.1.4_Launched


Last Updated: 27 May 2016 11:07:22