VidiScript Remote File Upload Vulnerability
BID:30721
Info
VidiScript Remote File Upload Vulnerability
| Bugtraq ID: | 30721 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-6518 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 18 2008 12:00AM |
| Updated: | Apr 16 2015 05:55PM |
| Credit: | InjEctOr5 |
| Vulnerable: |
VidiScript VidiScript 0 |
| Not Vulnerable: | |
Discussion
VidiScript Remote File Upload Vulnerability
VidiScript is prone to a vulnerability that allows an attacker to upload arbitrary script code and execute it in the context of the webserver process. This may help the attacker gain unauthorized access or escalate privileges; other attacks are also possible.
VidiScript is prone to a vulnerability that allows an attacker to upload arbitrary script code and execute it in the context of the webserver process. This may help the attacker gain unauthorized access or escalate privileges; other attacks are also possible.
Exploit / POC
VidiScript Remote File Upload Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
VidiScript Remote File Upload Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].