TimeLive.FileDownload.ASPX.Arbitrary.File.Download
Description
This indicates a possible attempt to exploit an Arbitrary File Download vulnerability in TimeLive Time and Expense.
The vulnerability is due to the vulnerable application's failure to sufficiently sanitize user-supplied input. It may allow remote attackers to download arbitrary files.
Affected Products
TimeLive TimeLive Time and Expense 4.1.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-02 | 16.972 |