Vendor
Webfileexplorer
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-1314 | 0.04 | — | 0.10 | Apr 17, 2009 | body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension. | |||
| CVE-2009-1495 | 0.03 | — | 0.02 | May 1, 2009 | Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb. | |||
| CVE-2009-1323 | 0.03 | — | 0.02 | Apr 17, 2009 | SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
- CVE-2009-1314Apr 17, 2009risk 0.04cvss —epss 0.10
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
- CVE-2009-1495May 1, 2009risk 0.03cvss —epss 0.02
Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb.
- CVE-2009-1323Apr 17, 2009risk 0.03cvss —epss 0.02
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.