CVE-2004-1263 - Virgulate Slash
Description
changepassword.cgi in ChangePassword 0.8 when installed setuid allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious \make\ program.
Reference
http://tigger.uic.edu/~jlongs2/holes/changepassword.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18593