Summary
boastMachine is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input.
An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation other attacks
are also possible.
boastMachine 3.1 is affected
other versions may be vulnerable as
well.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- A Really Simple Chat Multiple XSS Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
- Apache Archiva Home Page Cross-Site Scripting vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability