PT-2005-2559 · Boastmachine · Boastmachine

Publicado

2005-05-11

Atualizado

2008-09-05

CVE-2005-1580

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions BoastMachine version 3.0

Description The issue allows remote attackers to execute arbitrary code due to a lack of proper restriction on the types of files that can be uploaded through the users.ini.php file.

Recommendations For BoastMachine version 3.0, restrict access to the file upload functionality to minimize the risk of exploitation. Consider implementing proper file type validation and sanitization to prevent the upload of malicious files.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-1580

Produtos afetados

Boastmachine

PT-2005-2559 · Boastmachine · Boastmachine

CVE-2005-1580

Identificadores relacionados

Produtos afetados

Referências · 6