Avaya IP Office Customer Call Reporter ImageUpload Exploit

The specific flaw exists because Avaya IP Office Customer Call Reporter allows to upload files to the webserver through ImageUpload.ashx. The uploaded files will not be stripped of their file extensions and the directory where they are saved has no scripting restrictions.



CVE Link
CVE-2012-3811
Exploit Type - Old
Exploits/Remote
Exploit Platform
Windows
Exploit Type
Exploits
Remote
Product Name
Impact Professional