E18-5lvi1
CVSS:
4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
False Positive:
t
Variants:
6
Year:
2018
Description
This strike exploits a stored cross site scripting vulnerability in Supervene RazDC. The vulnerability is due to the lack of user-supplied input sanitization within save user.cgi form, while parsing input passed to various HTTP parameters. By exploiting this vulnerability, a remote, unauthenticated attacker can execute arbitrary OS commands on the target server.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}