GAT-Ship Web Module Unrestricted File Upload

GAT-Ship Web Module versions prior to 1.40 suffer from an unrestricted file upload vulnerability.


MD5 | 8c2fb3fc6426dc78470e27e9dc57cdb0

Download
GAT-Ship Web Module before the current version (1.40) suffers from a vulnerability allowing authenticated attackers to 
upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx"


Fix:
Upgrade to 1.40

Source: packetstormsecurity.com
Related Posts