Arbitrary File Upload Vulnerability in GAT-Ship Web Module before 1.40

Arbitrary File Upload Vulnerability in GAT-Ship Web Module before 1.40

CVE-2019-11028 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx".

Learn more about our Web App Pen Testing.