Severity: Critical
Netsparker identified that code execution via WebDAV. Netsparker successfully uploaded a file via PUT
method and then renamed this file via MOVE
method. When requesting the file, code is executed in the context of the web server. At the end of the attack, Netsparker tried to delete the file.