header-logo
Suggest Exploit
vendor:
PROMOTIC
by:
Unknown
7.8
CVSS
HIGH
Arbitrary Code Execution, Information Disclosure
20, 200
CWE
Product Name: PROMOTIC
Affected Version From: 8.1.2003
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2011-2177
CPE: a:promotic:promotic:8.1.3
Metasploit:
Other Scripts:
Platforms Tested: Unknown
2011

PROMOTIC Multiple Security Vulnerabilities

The vulnerabilities in PROMOTIC may allow remote attackers to execute arbitrary code within the context of the affected application or disclose sensitive information. An attacker can exploit these vulnerabilities by providing a crafted HTTP request, which may lead to the execution of arbitrary code or disclosure of sensitive information.

Mitigation:

Update to the latest version of PROMOTIC to address these vulnerabilities. Additionally, restrict access to the affected application and ensure that it is not directly accessible from untrusted networks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/50133/info

PROMOTIC is prone to multiple security vulnerabilities.

Exploiting these issues may allow remote attackers to execute arbitrary code within the context of the affected application or disclose sensitive information.

PROMOTIC 8.1.3 is vulnerable; other versions may also be affected. 

http://www.example.com/webdir/..\..\..\..\..\boot.ini

Navigation

Suggest Exploit

Services By CQR