GAT-Ship Web Module Unrestricted File Upload Vulnerability

ID 1337DAY-ID-32602
Type zdt
Reporter Gionathan Reale
Modified 2019-04-28T00:00:00


Exploit for asp platform in category web applications

                                            GAT-Ship Web Module before the current version (1.40) suffers from a vulnerability allowing authenticated attackers to 
upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx"

Upgrade to 1.40

# [2019-04-28]  #