ID de Prueba:	1.3.6.1.4.1.25623.1.0.52030
Categoría:	Gain a shell remotely
Título:	RunCMS Remote Arbitrary File Upload and Execution
Resumen:	NOSUMMARY
Descripción:	Description: The remote version of RunCMS, according to its version number, is vulnerable to a code execution vulnerability via uploaded files. This requires avatar uploads be enabled, which is not the default setup. Versions up to 1.1A are known to be vulnerable. Solution : Upgrade to a later version when one comes available, and meanwhile ensure that avatar uploads are disabled. Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 13027 Common Vulnerability Exposure (CVE) ID: CVE-2005-1031 http://www.securityfocus.com/bid/13027 Bugtraq: 20050406 runcms/e-xoops 1.1A and below file upload vulnerability (Google Search) http://marc.info/?l=bugtraq&m=111280711228450&w=2 http://secunia.com/advisories/14869 XForce ISS Database: exoops-runcms-upload-files(20001) https://exchange.xforce.ibmcloud.com/vulnerabilities/20001
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.