Livezilla 5.0.1.4 allow null bytes in the URL – Vulnerable

0

Livezilla is an online chat system found on a different website.

It is used by employees of a company that provides customer service,
For various questions that customers may have addressed to the company then use this service.

The software itself is used in different industries.

A group of engineers has discovered that Livezilla 5.0.1.4 is vulnerable.

According to them the above version has been tested on a Windows System with PHP installed version that allows null bytes in URLs.
Reading the apache log have managed to get full permission within the system where Livezilla is installed.

To help resolve this problem, the group of engineers who discovered this bug in version 5.0.1.4 of Livezilla,
advise to update the existing software in the latest version,
as the software itself has thrown a patch that applies the fix on this issue on its official.

LEAVE A REPLY

Please enter your comment!
Please enter your name here