Ditto Forensic FieldStation Multiple Security Vulnerabilities

Ditto Forensic FieldStation is prone to multiple HTML-injection vulnerabilities, an unspecified cross-site request-forgery vulnerability, multiple remote command-injection vulnerabilities, and an authentication-bypass vulnerability.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, disclose sensitive information, perform certain administrative actions, gain unauthorized access, or bypass certain security restrictions.


Copyright 2010, SecurityFocus