4 matches found
BigAnt Server DUPF Command Arbitrary File Upload (CVE-2012-6274)
An arbitrary file upload vulnerability exists in BigAnt Server. The vulnerability is due to lack of authentication and a directory traversal weakness in processing a DUPF command. Remote unauthenticated attackers can exploit this vulnerability by sending malicious requests to the target server...
CVE-2012-6274
BigAnt Server (BigAnt IM Message Server) is affected by CVE-2012-6274: an authentication bypass that permits remote unauthenticated file uploads to AntServer\DocData\Public via DUPF processing, with a reported directory-traversal weakness contributing to arbitrary file upload. Connected advisorie...
CVE-2012-6274
creationtimestamp| type| source ---|---|--- 2013-02-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24528 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/bigantserverdupfupload.rb 2025-02-06 03:13:41+00:00...
BigAnt IM Message server and components contain multiple vulnerabilities
Overview BigAnt IM Message server and components contain multiple vulnerabilities which could allow an attacker to perform administrative functions on the the system Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2012-6273During the SH...