Vulnerabilities > Webfileexplorer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-01 | CVE-2009-1495 | Permissions, Privileges, and Access Controls vulnerability in Webfileexplorer web File Explorer 3.1 Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb. | 5.0 |
2009-04-17 | CVE-2009-1323 | SQL Injection vulnerability in Webfileexplorer web File Explorer 3.1 SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-04-17 | CVE-2009-1314 | Remote Security vulnerability in Webfileexplorer web File Explorer 3.1 body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension. | 10.0 |