2 matches found
CVE-2013-7057
Cross-site request forgery CSRF vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that upload arbitrary files via a crafted request to api/v1.0/files/...
CVE-2013-7057
The CVE-2013-7057 issue affects Axway SecureTransport (5.1 SP2 and earlier). A CSRF flaw in the web API (api/v1.0/files/) allows an attacker to hijack the authenticated user and upload arbitrary files, potentially enabling web shells. Public sources (Seebug, Exploit-DB) describe arbitrary file up...