- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24987
- Проверка EDB
-
- Пройдено
- Автор
- JEREMY BAE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2004-12-16
JSBoard 2.0.x - Arbitrary Script Upload
Код:
source: https://www.securityfocus.com/bid/11983/info
JSBoard is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input.
If successful, the attacker can execute arbitrary script code on a vulnerable server. This can lead to unauthorized access in the context of the application.
This issue was identified in versions of JSBoard 2.0.8 and prior and JSBoard-win32 1.3.11a prior.
Script file name:
attack.php.hwp- Источник
- www.exploit-db.com
