eFront 3.6.10 Multiple Security Vulnerabilities
eFront is prone to multiple security vulnerabilities, including:
1. A remote code injection vulnerability
2. Multiple SQL injection vulnerabilities
3. An authentication bypass and privilege escalation vulnerability
4. A remote code execution vulnerability
5. A file upload vulnerability
Attackers can exploit these issues to bypass certain security restrictions, insert arbitrary code, obtain sensitive information, execute arbitrary code, modify the logic of SQL queries, and upload arbitrary code. Other attacks may also be possible.
eFront 3.6.10 is vulnerable; prior versions may also be affected.