Vulnerabilities (CVE)

Filtered by vendor Webfileexplorer Subscribe
Filtered by product Web File Explorer
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1495 1 Webfileexplorer 1 Web File Explorer 2024-11-21 5.0 MEDIUM N/A
Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb.
CVE-2009-1323 1 Webfileexplorer 1 Web File Explorer 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1314 1 Webfileexplorer 1 Web File Explorer 2024-11-21 10.0 HIGH N/A
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.