Unrated severityNVD Advisory· Published Feb 18, 2018· Updated Aug 5, 2024

CVE-2018-7217

Description

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an esop/evm/OPPreliminaryForms.do?formId=857 request.

Affected products

Bravo Tejari/Procurement Portalllm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/bugtraq/2018/Feb/38mitrex_refsource_MISC
packetstormsecurity.com/files/146425/Tejari-Arbitrary-File-Upload.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000