boastMachine users.inc.php File Extension Validation Arbitrary File Upload

What is the name of the domain?

What is the error number?

NA

What is the error message?

The remote web server contains a PHP script that is affected by an arbitrary file upload vulnerability. The remote host is running boastMachine, an open source publishing tool written in PHP. According to its banner, the version of boastMachine installed on the remote host allows authenticated users to upload arbitrary files and then run them subject to the privileges of the web server user. See also : Wayback Machine http://boastology.com/pages/changes.php

What is the issue you’re encountering

PCI Scan failure

What steps have you taken to resolve the issue?

Trying to figure out what boastMachine is, where it is, how to fix it, etc. This is something I have never heard of or worked with so I dont know where it came from.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Flexible

What are the steps to reproduce the issue?

PCI Scan

Screenshot of the error

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.