![]() It is recommended to remove the application in order to mitigate this vulnerability. ![]() If this signature is detected, an incident is generated in the Alert Logic console. The Network-Based Intrusion Detection System (IDS) has been updated with the new signatures for this exploit when detected via Alert Logic Threat Manager™. Alert Logic CoverageĪlert Logic® has evaluated its customer base for exposure to the exploit and has developed signatures for mitigating the threat depending on the security service in place. A remote unauthenticated attacker can upload a malicious file to the upload directory via a request to upload.php. The vulnerability exists in the upload.php file which does not carry out authentication or validation checks. Vulnerability DescriptionĪn arbitrary file upload vulnerability exists within a Contact Form Generator application. This can be achieved through Google dorks. The attacker should know the location of the vulnerable file on the target server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |