|    |    |    | Today: 21-Sep-2019 |

BuilderEngine Arbitrary File Upload / Execution

November 1, 2017 | Posted in ExploitAlert

This Metasploit module exploits a vulnerability found in BuilderEngine 3.5.0 via elFinder 2.0. The jquery-file-upload plugin can be abused to upload a malicious file, which would result in arbitrary remote code execution under the context of the web server.


Source: BuilderEngine Arbitrary File Upload / Execution

Taged in: Exploit