SwDesk Multiple Input Validation Vulnerabilities Network Vulnerability

Summary

swDesk is prone to the following vulnerabilities: 1. An arbitrary file-upload vulnerability. 2. Multiple cross-site scripting vulnerabilities. 3. Multiple PHP code-injection vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the context of the affected site, steal cookie-based authentication credentials, upload arbitrary code, or inject and execute arbitrary code in the context of the affected application. This may facilitate a compromise of the application and the underlying system other attacks are also possible.

References

http://www.securityfocus.com/bid/51792
http://www.swdesk.com/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ASP Inline Corporate Calendar SQL injection
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
ARRIS 2307 Unprotected Web Console
Acidcat CMS Multiple Vulnerabilities
4psa Voipnow Local File Inclusion Vulnerability

swDesk Multiple Input Validation Vulnerabilities

Take action and discover your vulnerabilities