Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields.
http://www.securityfocus.com/bid/4625
http://www.iss.net/security_center/static/8953.php
http://www.esecurityonline.com/advisories/eSO2408.asp
http://archives.neohapsis.com/archives/bugtraq/2002-04/0400.html