Remote File Upload Vulnerability in ShopNx

Remote File Upload Vulnerability in ShopNx

CVE-2018-12519 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.

Learn more about our User Device Pen Test.