CVE-2008-6826 Information

Description

dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pages.

Reference

http://osvdb.org/49406 http://secunia.com/advisories/32402 http://www.securityfocus.com/bid/31923 https://exchange.xforce.ibmcloud.com/vulnerabilities/46121 https://www.exploit-db.com/exploits/6845