Planet eStream prior to 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload2.ashx can be used, or Ajax.asmx/ProcessUpload2. This leads to remote code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
planetestream planet estream |