CVE-2009-1314

Sažetak

body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/50389
https://www.exploit-db.com/exploits/8382

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-09-2017 - 01:34

Objavljeno

17-04-2009 - 00:30