CVE-2003-0243
published 2003-05-27CVE-2003-0243: Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1)…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.46%
87.6th percentile
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| happycgi | happymall | — | — |
| happycgi | happymall | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution
exploitdb·2003-05-08
CVE-2003-0243 HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution
HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution
---
source: https://www.securityfocus.com/bid/7530/info
It has been reported that a problem in the HappyMall E-Commerce software package could allow an attacker to pass arbitrary commands through the member_html.cgi script. This could lead to attacks against system resources.
##########################################################
# HappyMall explo
# vulnerable:
# HappyCGI HappyMall 4.3
# HappyCGI HappyMall 4.4
#
#
# www.spabam.org spabam.tk spabam.da.ru go.to/spabam
# Spawn bash style Shell with webserver uid
#
# Spabam 2003 PRIV8 code
# #hackarena irc.brasnet.org
# This Script is currently under development
#####################################################
use strict;
use IO::Socket;
my $host;
my $por
Exploit-DB
HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution
exploitdb·2003-05-07
CVE-2003-0243 HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution
HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution
---
source: https://www.securityfocus.com/bid/7529/info
It has been reported that a problem in the HappyMall E-Commerce software package could allow an attacker to pass arbitrary commands through the normal_html.cgi script. This could lead to attacks against system resources.
##########################################################
# HappyMail explo
# vulnerable:
# HappyCGI HappyMall 4.3
# HappyCGI HappyMall 4.4
#
#
# www.spabam.org spabam.tk spabam.da.ru go.to/spabam
# Spawn bash style Shell with webserver uid
#
# Spabam 2003 PRIV8 code
# #hackarena irc.brasnet.org
# This Script is currently under development
#####################################################
use strict;
use IO::Socket;
my $host;
my $por
No writeups or analysis indexed.
2003-05-27
Published