Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

BDPDT Arbitrary File Upload Vulnerabily Vulnerability Scan

Vulnerability Scan Summary
Checks for BDPDT's uploadfilepopup.aspx

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains an ASP script that allows uploading of
arbitrary files.

Description :

The remote host contains BDPDT, a database abstraction layer used in
various add-on modules for DotNetNuke.

The installed version of the BDPDT contains an ASP.NET script that
allows an unauthenticated attacker to gain control of the affected
host by allowing uploading arbitrary files with the
'UploadFilePopUp.aspx' script.

See also :

Solution :

Contact the vendor for a newer version of BDPDT.

Threat Level:

Critical / CVSS Base Score : 10

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.