Common Gateway Interface, also known as CGI, is a software that helps a web-server to display dynamic web-pages, in other words, to create an adjustable answer based on the user’s request. The data transfer process between the web-server and application is called a Common Gateway Interface (CGI).
The goal of the CGI applications is to get access to other running apps on the server. The web-server uses CGI to search for documents, run the authorized commands, or store information on the server. The CGI application is smart enough to detect and provide information to a certain user all while identifying him.
However, using the CGI scripts to launch other applications on the server makes the data vulnerable. That grants access to hackers.
|CVE-1999-0174||A CGI-app for a source review allows the hackers to read files with a dot-dot-slash attack.|
|CVE-1999-0237||The remote commands running by means of the CGI Guestbook application.|
|CVE-1999-0260||Jj CGI application allows running commands through the framework metacharacters.|
|PHF Attack||The wrong use of PHF script allows a hacker to receive confidential information such as personal data and passwords.|