Intrusion Prevention

AppRain.CMF.PHP.Script.File.Upload.Security.Bypass

Description

This indicates an attack attempt against an Security Bypass vulnerability in appRain CMF.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling HTTP requests. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the application.

Affected Products

appRain CMF 0.1.5 and prior

Impact

Security Bypass: Remote attackers can bypass security checking of vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any officially supplied fix for this issue.

CVE References

CVE-2012-1153