body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
CPE | Name | Operator | Version |
---|---|---|---|
web_file_explorer | eq | 3.1 |