HiScout GRC Suite File Upload

HiScout GRC Suite versions prior to 3.1.5 suffer from a file upload vulnerability. An authenticated attacker with the permission to edit or add a “WebSiteElement" to the "content" pages is able to upload any file with any file extension to the data directory of the application. This directory is in the web root and the uploaded file is executed on the server if ".aspx" is chosen as the file extension and if the file contains aspx source code. Any commands can be executed with the permissions of the web server user on the server by exploiting this vulnerability.

Link: https://packetstormsecurity.com/files/149355/SYSS-2018-015.txt