Psunami Bulletin Board Psunami.CGI Remote Command Execution Vulnerability

info
discussion
exploit
solution
references

Psunami Bulletin Board Psunami.CGI Remote Command Execution Vulnerability

Psunami Bulletin Board is prone to a remote command execution vulnerability.

Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary commands in the context of the webserver process.