Arbitrary Code Execution via Unrestricted File Upload in BoastMachine 3.0

Arbitrary Code Execution via Unrestricted File Upload in BoastMachine 3.0

CVE-2005-1580 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.