UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions prior to 0.80, allows remote malicious users to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bajie java http server |