CVE-2008-1331

cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.

Published : 2008-04-02 20:44 Updated : 2019-08-14 11:29

10.0
CVSS Score More info
Score 10.0 / 10
10.0

CPE

There is no CPE for this CVE.

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE