Lucene search
HistoryDec 25, 2011 - 1:55 a.m.
CVE-2011-5005
cve-2011-5005
file upload vulnerability
quixplorer
code execution
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.025 Low
EPSS
Percentile
90.2%
Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.
Affected configurations
Node
claudio_klinglerquixplorerRange≤2.3
ORclaudio_klinglerquixplorerMatch1.0
ORclaudio_klinglerquixplorerMatch1.1
ORclaudio_klinglerquixplorerMatch1.2
ORclaudio_klinglerquixplorerMatch1.4
ORclaudio_klinglerquixplorerMatch1.5
ORclaudio_klinglerquixplorerMatch1.6
ORclaudio_klinglerquixplorerMatch2.0
ORclaudio_klinglerquixplorerMatch2.1.1
ORclaudio_klinglerquixplorerMatch2.2
ORmads_brunnt3quixplorerMatch1.0.0-
ORmads_brunnt3quixplorerMatch1.0.1
ORmads_brunnt3quixplorerMatch1.0.2
ORmads_brunnt3quixplorerMatch1.2.0
ORmads_brunnt3quixplorerMatch1.3.0
ORmads_brunnt3quixplorerMatch1.4.0
ORmads_brunnt3quixplorerMatch1.5.0
ORmads_brunnt3quixplorerMatch1.6.0
ORmads_brunnt3quixplorerMatch1.7.0
ORmads_brunnt3quixplorerMatch1.7.1
Related
cvelist
cvelist
CVE-2011-5005
2011-12-25 01:00:00
nvd
nvd
CVE-2011-5005
2011-12-25 01:55:04
openvas
openvas
QuiXplorer 'index.php' Arbitrary File Upload Vulnerability
2012-01-05 00:00:00
QuiXplorer 'index.php' Arbitrary File Upload Vulnerability
2012-01-05 00:00:00
prion
prion
Unrestricted file upload
2011-12-25 01:55:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.025 Low
EPSS
Percentile
90.2%
Related for CVE-2011-5005