E18-0jzu1
CVSS:
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
False Positive:
t
Variants:
1
Year:
2018
Description
A file upload vulnerability was found in Apache Pluto PortletV3AnnotatedDemo. The vulnerability is due to improper access control of user-supplied input when the portlet performs a file-uploading operation. Successful exploitation can result arbitrary file upload and possible remote code execution in the context of the user running the webserver.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}