cbcvebase.
CVE-2004-2347
published 2004-12-31

CVE-2004-2347: blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file…

PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
9.87%
95.0th percentile
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.

Affected

2 ranges
VendorProductVersion rangeFixed in
leif_m_wrightweb_blog
leif_m_wrightweb_blog
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.