The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters.
https://exchange.xforce.ibmcloud.com/vulnerabilities/4880
http://www.zdnet.com/zdnn/stories/news/0%2C4586%2C2600258%2C00.html
http://www.securityfocus.com/bid/1449
http://archives.neohapsis.com/archives/bugtraq/2000-07/0150.html