This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The bibliography application hosted on the remote web server has a
command injection vulnerability.
Basilic, a bibliography server for research laboratories, has a
command injection vulnerability. Input to the file parameter of
diff.php is not properly sanitized. A remote, unauthenticated
attacker could exploit this to execute arbitrary shell commands.
See also :
There is no known solution at this time.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true