Sawmill Multiple Security Vulnerabilities Network Vulnerability

Summary

Sawmill is prone to multiple security vulnerabilities, including unauthorized- access, security-bypass, and cross-site-scripting issues. Attackers can exploit these issues to gain administrative access to the affected application, execute arbitrary commands, perform unauthorized actions, and steal cookie-based authentication credentials. Other attacks are also possible. Versions prior to Sawmill 8.1.7.3 are vulnerable.

Solution

Updates are available. Please see the references for details.

References

http://www.sawmill.net
http://www.sawmill.net/version_history8.html
http://www.securityfocus.com/archive/1/514405
https://www.securityfocus.com/bid/44292

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

AjaxPortal 'di.php' File Inclusion Vulnerability
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
Adobe ColdFusion Authentication Bypass Vulnerability
Apache Tomcat AJP Protocol Security Bypass Vulnerability

Take action and discover your vulnerabilities