Ceica Groupware Multiple Remote File Upload Vulnerabilities
BID:30338
Info
Ceica Groupware Multiple Remote File Upload Vulnerabilities
| Bugtraq ID: | 30338 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 21 2008 12:00AM |
| Updated: | Jul 22 2008 10:08PM |
| Credit: | Ciph3r |
| Vulnerable: |
Ceica Groupware Ceica Groupware 1.5 |
| Not Vulnerable: | |
Discussion
Ceica Groupware Multiple Remote File Upload Vulnerabilities
Ceica Groupware is prone to multiple vulnerabilities that allow an attacker to upload arbitrary script code and execute it in the context of the webserver process. This may help the attacker gain unauthorized access or escalate privileges; other attacks are also possible.
Ceica Groupware 1.5 is vulnerable; other versions may also be affected.
Ceica Groupware is prone to multiple vulnerabilities that allow an attacker to upload arbitrary script code and execute it in the context of the webserver process. This may help the attacker gain unauthorized access or escalate privileges; other attacks are also possible.
Ceica Groupware 1.5 is vulnerable; other versions may also be affected.
Exploit / POC
Ceica Groupware Multiple Remote File Upload Vulnerabilities
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
Ceica Groupware Multiple Remote File Upload Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Ceica Groupware Multiple Remote File Upload Vulnerabilities
References:
References:
- Ceica Groupware Homepage (Ceica Groupware)