[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

In-portal 5.0.3 Remote Arbitrary File Upload Exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: In-portal 5.0.3 Remote Arbitrary File Upload Exploit
From: eidelweiss@xxxxxxxxxxxxxxxxx
Date: 23 Apr 2010 04:21:25 -0000

In-portal  is prone to a remote arbitrary file-upload vulnerability

This issue may allow remote attackers to upload arbitrary files, including 
malicious scripts, and possibly to execute a script on the affected server.

In-portal Web 2.0 CMS v5.0.3 is affected by this issue. Other or lowers 
versions may be vulnerable as well.

Reports indicate that this issue is being exploited in the wild.

The following exploit code is available: 
http://inj3ct0r.com/exploits/11949

Prev by Date: [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!
Next by Date: Vulnerability in Referer for DataLife Engine
Previous by thread: [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!
Next by thread: Vulnerability in Referer for DataLife Engine
Index(es):
- Date
- Thread