CVE-2009-1314

2009-04-1700:00:00

mitre

www.cve.org

7.6 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON

body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.

References

exchange.xforce.ibmcloud.com/vulnerabilities/50389

www.exploit-db.com/exploits/8382