Approved changes feed: RSS · Atom
cpe:2.3:a:perl:cgi_lite:2.0:*:*:*:*:*:*:*
part: a version: 2.0 update: *
| Vendor | Perl (1e08d0ea-f6e4-5b5b-a347-b9704b70f1d2) |
|---|---|
| Product | Cgi Lite (b35fe11e-b1e5-57e9-8d64-b000e7c76936) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2003-1365 |
vulnerable | 2026-06-03 14:26:33.032380 |
Details available
The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs.
Published: 2007-10-17T01:00:00.000Z
Updated: 2024-08-08T02:28:02.475Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.