An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote malicious users to execute arbitrary code by uploading a SCORM file with an executable extension. This allows an unauthenticated malicious user to upload a malicious file (containing PHP code to execute operating system commands) to the web root of the application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sitos sitos six 6.2.1 |