header-logo
Suggest Exploit
vendor:
Easy File Sharing Web Server
by:
SecurityFocus
8.8
CVSS
HIGH
HTML-injection, denial-of-service, and arbitrary file-upload vulnerabilities
20, 79, 264
CWE
Product Name: Easy File Sharing Web Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Easy File Sharing Web Server Multiple Input-Validation Vulnerabilities

Easy File Sharing Web Server is prone to multiple input-validation vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker can exploit these issues to steal cookie-based authentication credentials, control how the site is rendered to the user, cause the application to crash, and facilitate a compromise of the underlying computer.

Mitigation:

Ensure that user-supplied input is properly sanitized before being used in dynamically generated content.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/17046/info
 
Easy File Sharing Web Server is prone to multiple input-validation vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. 
 
The issues include HTML-injection, denial-of-service, and arbitrary file-upload vulnerabilities.
 
An attacker can exploit these issues to steal cookie-based authentication credentials, control how the site is rendered to the user, cause the application to crash, and facilitate a compromise of the underlying computer.

http://www.example.com/disk_c/Documents%20and%20Settings/All%20Users/Start%20Menu/Programs/Startup

Navigation

Suggest Exploit

Services By CQR