Ajaxplorer » Ajaxplorer : Security Vulnerabilities, CVEs, Published In 2014 (Code Execution)
Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation.
Max CVSS
7.5
EPSS Score
13.91%
Published
2014-12-27
Updated
2019-01-19
1 vulnerabilities found