- Description
- An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-434
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:embedthis:goahead:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D614097-1270-46F0-939B-6F2D5757FF50",
"versionEndIncluding": "4.1.3",
"versionStartIncluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:embedthis:goahead:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A881D37-6C28-42A3-AD4C-F4911820911B",
"versionEndExcluding": "5.1.5",
"versionStartIncluding": "5.0.0"
}
],
"operator": "OR"
}
]
}
]