CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors.Referenceshttp://osvdb.org/31622http://secunia.com/advisories/23909http://www.securityfocus.com/bid/22245http://jvn.jp/jp/JVN%2382258242/index.html
