Vulnerabilities > CVE-2009-1314 - Remote Security vulnerability in Webfileexplorer web File Explorer 3.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | WebFileExplorer 3.1 (Auth Bypass) SQL Injection Vulnerability. CVE-2009-1314,CVE-2009-1323. Webapps exploit for php platform |
file | exploits/php/webapps/8382.txt |
id | EDB-ID:8382 |
last seen | 2016-02-01 |
modified | 2009-04-09 |
platform | php |
port | |
published | 2009-04-09 |
reporter | Osirys |
source | https://www.exploit-db.com/download/8382/ |
title | WebFileExplorer 3.1 Auth Bypass SQL Injection Vulnerability |
type | webapps |