Vulnerabilities > CVE-2011-0678 - Unspecified vulnerability in Lomtec Activeweb 3.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

lomtec

exploit available

NVD

Published: 2011-01-28

Updated: 2024-11-21

Summary

Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm.

Vulnerable Configurations

Part	Description	Count
Application	Lomtec Lomtec Activeweb 3.0	1

Exploit-Db

description	ActiveWeb Professional 3.0 Arbitrary File Upload Vulnerability. CVE-2011-0678. Webapps exploit for cfm platform
id	EDB-ID:35256
last seen	2016-02-04
modified	2011-01-25
published	2011-01-25
reporter	StenoPlasma
source	https://www.exploit-db.com/download/35256/
title	ActiveWeb Professional 3.0 - Arbitrary File Upload Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References