Arbitrary File Write Vulnerability in IDrive Online Backup 3.4.0

Arbitrary File Write Vulnerability in IDrive Online Backup 3.4.0

CVE-2011-5290 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100_EDA1811C.ocx in IDrive Online Backup 3.4.0 allows remote attackers to write to arbitrary files via a pathname in the first argument.

Learn more about our Web Application Penetration Testing UK.