4 matches found
CVE-2017-9602
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script to...
CVE-2017-9602
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script to...
CVE-2017-9602
KBVault Mysql Free Knowledge Base application package 0.16a is affected by an arbitrary file upload vulnerability. The issue arises in the FileExplorer/Explorer.aspx component (id=/Uploads) which allows unauthenticated access to upload and delete functions. An attacker can upload an ASPX script t...
KBVault MySQL 0.16a - Arbitrary File Upload
KBVault MySQL 0.16a - Arbitrary File Upload Exploit Title: KBVault MySQL v0.16a - Unauthenticated File Upload to Run Code Google Dork: inurl:"FileExplorer/Explorer.aspx" Date: 2017-06-14 Exploit Author: Fatih Emiral Vendor Homepage: http://kbvaultmysql.codeplex.com/ Software Link:...