Privilege Escalation Vulnerability in Acunetix Web Vulnerability Scanner (WVS)
CVE-2015-4027 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Learn more about our Web App Pen Testing.