Remote File Upload Vulnerability in ShopNx
CVE-2018-12519 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
Learn more about our User Device Pen Test.