• Brian Cardinale reported a file upload directory traversal vulnerability that affects the AjaxControlToolkit prior to version 15.1. On a poorly configured web server this vulnerability can lead to remote code execution. The flaw was introduced in version 7.429 which was released on April 30, 2013. The latest vulnerable version is 7.1213.
  
  List of vulnerable versions:
  • 7.1213.0
  • 7.1005.0
  • 7.1002.0
  • 7.930.0
  • 7.725.0
  • 7.607.0
  • 7.429.0

• It's recommended to upgrade to the latest version of AjaxControlToolkit.

• • CVE-2015-4670: Directory Traversal to Remote Code Execution in AjaxControlToolkit
  • AJAX Control Toolkit

• 

• CVE-2015-4670

• CWE-434

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

• Code Execution Directory Traversal

• WordPress Plugin WP Super Cache PHP Code Injection (1.2)
• WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)
• Liferay version older than 7.1
• Apache Shiro Deserialization RCE
• WordPress Plugin WP GPX Maps 'wp-gpx-maps_admin_tracks.php' Arbitrary File Upload (1.1.22)