CVE-2017-6090 Scanner

PhpCollab is an open source project management system that helps teams collaborate on projects more effectively. It provides features like task management, file sharing, time tracking, and team communication. With its easy-to-use interface, PhpCollab helps teams to manage their projects efficiently and effectively.

CVE-2017-6090 is a security vulnerability found in PhpCollab 2.5.1 and earlier versions. This vulnerability is an unrestricted file upload vulnerability in clients/editclient.php that allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and then accessing it directly via a request to the file in logos_clients/.

If exploited, this vulnerability can allow an attacker to upload a malicious file that can execute arbitrary code, ultimately giving the attacker complete control over the server. This could result in sensitive information being leaked, sensitive data being deleted, or the server being used as a platform to launch further attacks.

Thanks to the pro features of the s4e.io platform, users can easily and quickly learn about vulnerabilities in their digital assets. This powerful platform provides detailed information on security vulnerabilities, as well as actionable advice on how to protect against them. With its intuitive interface and powerful features, s4e.io is an essential tool for anyone concerned about the security of their digital assets.

REFERENCES

• https://sysdream.com/news/lab/2017-09-29-cve-2017-6090-phpcollab-2-5-1-arbitrary-file-upload-unauthenticated/
• https://www.exploit-db.com/exploits/42934/
• https://www.exploit-db.com/exploits/43519/