Description

The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter.

Remediation

References

CVE-2005-1966

Related Vulnerabilities

WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0)

WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109)

WordPress Plugin HDW Player (Video Player & Video Gallery) SQL Injection (2.4.2)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)

WordPress Plugin BIC Media Widget Cross-Site Scripting (1.0)

Severity

High

Classification

CVE-2005-1966

Tags

Missing Update Known Vulnerabilities