2 matches found
CVE-2017-12761
http://codecanyon.net/user/Endober WebFile Explorer 1.0 is affected by: SQL Injection. The impact is: Arbitrary File Download remote. The component is: $file = $GET'id' in download.php. The attack vector is:...
CVE-2017-12761
CVE-2017-12761 affects WebFile Explorer 1.0. The vulnerability arises from using the GET parameter in download.php (component: $file = $_GET['id']), enabling SQL Injection that leads to Arbitrary File Download (remote) via the attack vector download.php?id=WebExplorer/../config.php. Affected soft...