Summary
boastMachine is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input.
An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation other attacks
are also possible.
boastMachine 3.1 is affected
other versions may be vulnerable as
well.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
- appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
- Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- Apache Archiva Home Page Cross-Site Scripting vulnerability