Schneider Electric U.motion Builder editscript remote code execution vulnerability
U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in the Schneider Electric U.motion Builder editscript. It allows a caller with standard user privileges to write arbitrary PHP files anywhere in the web service directory tree. An...