VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 25, 2011· Updated Apr 29, 2026

CVE-2011-5005

CVE-2011-5005

Description

Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.

Affected products

20
  • Claudio Klingler/Quixplorer10 versions
    cpe:2.3:a:claudio_klingler:quixplorer:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:claudio_klingler:quixplorer:*:*:*:*:*:*:*:*range: <=2.3
    • cpe:2.3:a:claudio_klingler:quixplorer:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:claudio_klingler:quixplorer:2.2:*:*:*:*:*:*:*
  • Mads Brunn/T3quixplorer10 versions
    cpe:2.3:a:mads_brunn:t3quixplorer:1.0.0:-:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.0.0:-:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mads_brunn:t3quixplorer:1.7.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.