CVE-2002-1753 Information

Description

csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter which is processed by the Perl eval function.

Reference

http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html http://www.securityfocus.com/bid/4451 https://exchange.xforce.ibmcloud.com/vulnerabilities/8636 cgiscript-url-execute-commands(8636)