Intrusion Prevention



It indicates an attempt to execute a malicious command on AHG Search Engine.

HTMLsearch Search Engine software distributed by AHG by default is accessable via publisher/search.cgi. Due to insufficuient input sanitization, an attacker can execute arbitrary command on a target system by sending it a specially-crafted URL.

Affected Products

Any unprotected AHG HTMLSearch 1.0 is vulnerable.


Attackers can execute arbitrary commands on the victim system.

Recommended Actions

Upgrade the search engine to the latest non-vulnerable version.

Other References