login.cgi in Community Link Pro Web Editor allows remote attackers to execute arbitrary commands via the file parameter.