22 matches found
CVE-2017-9602
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script to...
CVE-2017-9602
KBVault Mysql Free Knowledge Base application package 0.16a is affected by an arbitrary file upload vulnerability. The issue arises in the FileExplorer/Explorer.aspx component (id=/Uploads) which allows unauthenticated access to upload and delete functions. An attacker can upload an ASPX script t...