cpe:/a:positive_software:h-sphere:2.3_rc3 CVE-2003-1248 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:41:00.000-05:00 ALLOWS_USER_ACCESS SECTRACK 1005893 BUGTRAQ 20030106 Remote root vuln in HSphere WebShell BID 6537 BID 6539 XF hsphere-webshell-encodefilename-execution(11001) MISC http://psoft.net/misc/webshell_patch.html H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request.