|
|
Site@School Multiple Input Validation Vulnerabilities
Site@School is prone to multiple input-validation vulnerabilities, including an arbitrary-file-upload issue, multiple remote file-include issues, and a directory-traversal issue, because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to upload an arbitrary PHP file, execute the file on the vulnerable computer in the context of the webserver process, and retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may lead to other attacks. Site@School 2.4.02 and earlier versions are vulnerable to these issues. |
|
Privacy Statement |