Signature Detail
Short Name |
HTTP:PHP:RUNCMS-FILE-UP |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Release Date |
2009/07/17 |
Update Number |
1465 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: RunCMS File Upload
This signature detects attempts to exploit a known vulnerability against RunCMS. A successful attack can lead to the upload of an arbitrary file.
Extended Description
RunCMS is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately validate user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. RunCMS 1.6.3 is vulnerable; other versions may also be affected.
Affected Products
- RunCMS 1.6.3
References
- BugTraq: 35646