virus logo Intrusion Prevention

CuteFlow.Unauthorized.User.PHP.File.Upload

description-logoDescription

This indicates an attack attempt to exploit a File Uploading vulnerability in CuteFlow.
This issue is caused by a lack of sanitizing of the user supplied inputs passed to "pages/restart_circulation_values_write.php". It may allow remote attackers to upload and execute arbitrary php file via a crafted http request.

affected-products-logoAffected Products

CuteFlow 2.11.2

Impact logoImpact

System Compromise: Remote attackers can gain control vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 33226
Created Sep 28, 2012
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app