Arbitrary File Upload Vulnerability in GAT-Ship Web Module before 1.40
CVE-2019-11028 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx".
Learn more about our Web App Pen Testing.