E17-mggs1
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
f
Variants:
2
Year:
2017
Description
This strike exploits a file upload vulnerability in Clipbucket web application.
The vulnerability is due to improper validation of the user controlled input to the file uploading scripts.
By exploiting this vulnerability, a remote, unauthenticated attacker can upload any file including PHP scripts and execute them on the target server.
NOTE: When run in one-arm mode, target web application index needs to be available at http://[server].