vendor:
ASP Simple Blog
by:
indoushka
7.5
CVSS
HIGH
XSS
79
CWE
Product Name: ASP Simple Blog
Affected Version From: 3
Affected Version To: 3
Patch Exists: YES
Related CWE:
CPE: a:8pixel:asp_simple_blog:3.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux
2009
ASP Simple Blog version 3.0 Upload shell Vulnerability
An attacker can exploit this vulnerability by sending a maliciously crafted request to the vulnerable application. This can allow the attacker to upload a malicious file to the server, which can be used to execute arbitrary code.
Mitigation:
The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of the application.