Webfileexplorer » Web File Explorer : Security Vulnerabilities, CVEs,
Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb.
Max CVSS
5.0
EPSS Score
0.32%
Published
2009-05-01
Updated
2017-09-29
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-04-17
Updated
2017-09-29
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Max CVSS
10.0
EPSS Score
1.98%
Published
2009-04-17
Updated
2017-09-29
3 vulnerabilities found