Summary
EasySiteEdit is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue may allow an attacker to compromise the application and the underlying system
other attacks are also
possible.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ARRIS 2307 Unprotected Web Console
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities
- Adobe ColdFusion Information Disclosure Vulnerability
- ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
- Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability