eZoneScripts Dating Website Remote File Upload Vulnerability
BID:31028
Info
eZoneScripts Dating Website Remote File Upload Vulnerability
| Bugtraq ID: | 31028 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-6987 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 05 2008 12:00AM |
| Updated: | May 07 2015 05:24PM |
| Credit: | CWCaspeR |
| Vulnerable: |
eZoneScripts Dating Website 0 |
| Not Vulnerable: | |
Discussion
eZoneScripts Dating Website Remote File Upload Vulnerability
eZoneScripts Dating Website is prone to a vulnerability that allows an attacker to upload arbitrary script code and execute it in the context of the webserver process. This may help the attacker gain unauthorized access or escalate privileges; other attacks are also possible.
eZoneScripts Dating Website is prone to a vulnerability that allows an attacker to upload arbitrary script code and execute it in the context of the webserver process. This may help the attacker gain unauthorized access or escalate privileges; other attacks are also possible.
Exploit / POC
eZoneScripts Dating Website Remote File Upload Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
eZoneScripts Dating Website Remote File Upload Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
eZoneScripts Dating Website Remote File Upload Vulnerability
References:
References:
- eZoneScripts Dating Scripts Homepage (eZoneScripts)