Critical severity9.8NVD Advisory· Published Jun 16, 2017· Updated May 13, 2026
CVE-2017-9602
CVE-2017-9602
Description
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script to Uploads/Documents/ to run any arbitrary code.
Affected products
1- cpe:2.3:a:kbvault_mysql_project:kbvault_mysql:0.16a:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.exploit-db.com/exploits/42184/nvdMitigationThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.