V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2008-5516
DEB
HighConfirmedExploit available

The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related…

CVSS
7.5
High
EPSS
0.04
p89
Published
2008-01-01
Updated
2008-01-01
Description

The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.

Tags · CWE
CWE-78
CAPEC-6
CAPEC-15
CAPEC-43
CAPEC-88
CAPEC-108
Affected products
Git-coreGit-coreGit
CVSS vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Timeline
2008-01-01
Published
2008-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Authentication
Au: N
None (N)
Confidentiality Impact
C: P
Partial
Integrity Impact
I: P
Partial
Availability Impact
A: P
Partial
Exploit indicators
EPSS
0.044 · p89
Known exploited (KEV)
No
Known exploits — Сканер-ВС
11497
exploitdb · https://www.exploit-db.com/exploits/11497
Enterprise
Affected products
ProductVendorStatus
git-coreTracked
git-coreTracked
git*Tracked
Source databases
DEB
CVE
UBU
Related vulnerabilities