efileman Arbitrary File Upload And Access Validation Vulnerabilities

The 'efileman' program is prone to multiple arbitrary-file-upload vulnerabilities and an access-validation vulnerability.

An attacker can exploit these issues to upload and execute arbitrary code in the context of the affected application or to view and modify sensitive configuration data.

These issues affect efileman 7.1; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus