Vulnerability Description
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Webfileexplorer | Web File Explorer | 3.1 |
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50389
- https://www.exploit-db.com/exploits/8382
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50389
- https://www.exploit-db.com/exploits/8382
FAQ
What is CVE-2009-1314?
CVE-2009-1314 is a vulnerability with a CVSS score of 10.0 (HIGH). body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executabl...
How severe is CVE-2009-1314?
CVE-2009-1314 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1314?
Check the references section above for vendor advisories and patch information. Affected products include: Webfileexplorer Web File Explorer.