1 results (0.006 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2009-4493 – Orion Application Server 2.0.7 - 'Terminal Escape Sequence in Logs' Command Injection
https://notcve.org/view.php?id=CVE-2009-4493
11 Jan 2010 — Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. Orion Application Server v2.0.7 escribe datos en un archivo de los sin depurar los caracteres no escribibles, lo que podría permitir a atacantes remotos modificar la ventana de título, o posiblemente ejecutar coma... • https://www.exploit-db.com/exploits/33503 • CWE-20: Improper Input Validation •