CVE-2006-0628

Summary

myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.