Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
Network Query Tool contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the network_query.php script not properly sanitizing shell metacharacters. With a specially crafted request, an attacker can execute arbitrary commands with the privileges of the web server.
Upgrade to version 1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.