CVE-2005-2682
aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable).
Date published : 2005-08-23
http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&%28fvs%29cs_forums_threads_ref=47