Full title: Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution Exploit 
Category: remote exploits
Platform: windows
Ektron versions 8.5, 8.7 equal to and below sp1, and 9.0 before sp1 have vulnerabilities in various operations within the ServerControlWS.asmxweb services. These vulnerabilities allow for remote code execution without authentication and execute in the context of IIS on the remote system.

# 0day.today @ http://0day.today/