CVE-2005-2559 Information

Description

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as \ and &\ in the eping_host parameter which is not handled by the validation function.

Reference

http://e107plugins.co.uk/news.php http://marc.info/?l=bugtraq&m=112328161319148&w=2