Full title: Kaseya uploadImage Arbitrary File Upload Category: web applications Platform: php This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya versions below 6.3.0.2. A malicious user can upload an ASP file to an arbitrary directory without previous authentication, leading to arbitrary code execution with IUSR privileges. # 0day.today @ http://0day.today/