====== Command Injection Attack ======

Generally an attack of this kind attempts to pass specially formed data, commands, or other data to executed programs on behalf of a web page or CGI script.  Commonly these commands get executed with the same permissions level as the web server and as such pose a significant systems risk.

===== Exploited Vulnerability =====

  * [[security:functions:shell_functions|Security sensitive shell functions]]

===== Additional Information =====

  * See [[security:web application security]] and [[catalog|security attacks catalog]].