mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote malicious users to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adam mmedici file upload manager |