Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by webfileexplorer
CVE-2009-1495 (GCVE-0-2009-1495)
Vulnerability from nvd – Published: 2009-05-01 16:00 – Updated: 2024-08-07 05:13
VLAI
EPSS
VEX
Summary
Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/34648 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/8374 | exploitx_refsource_EXPLOIT-DB |
Date Public
2009-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "8374",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "8374",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34648"
},
{
"name": "8374",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1495",
"datePublished": "2009-05-01T16:00:00.000Z",
"dateReserved": "2009-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:13:25.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1323 (GCVE-0-2009-1323)
Vulnerability from nvd – Published: 2009-04-17 10:00 – Updated: 2024-08-07 05:04
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/34648 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/34462 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/8382 | exploitx_refsource_EXPLOIT-DB |
Date Public
2009-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webfileexplorer-body-sql-injection(49801)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49801"
},
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "34462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34462"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "webfileexplorer-body-sql-injection(49801)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49801"
},
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "34462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34462"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webfileexplorer-body-sql-injection(49801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49801"
},
{
"name": "34648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34648"
},
{
"name": "34462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34462"
},
{
"name": "8382",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8382"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1323",
"datePublished": "2009-04-17T10:00:00.000Z",
"dateReserved": "2009-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1314 (GCVE-0-2009-1314)
Vulnerability from nvd – Published: 2009-04-17 00:00 – Updated: 2024-08-07 05:04
VLAI
EPSS
VEX
Summary
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://www.exploit-db.com/exploits/8382 | exploitx_refsource_EXPLOIT-DB |
Date Public
2009-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webfileexplorer-body-code-execution(50389)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50389"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "webfileexplorer-body-code-execution(50389)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50389"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webfileexplorer-body-code-execution(50389)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50389"
},
{
"name": "8382",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8382"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1314",
"datePublished": "2009-04-17T00:00:00.000Z",
"dateReserved": "2009-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1495 (GCVE-0-2009-1495)
Vulnerability from cvelistv5 – Published: 2009-05-01 16:00 – Updated: 2024-08-07 05:13
VLAI
EPSS
VEX
Summary
Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/34648 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/8374 | exploitx_refsource_EXPLOIT-DB |
Date Public
2009-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "8374",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "8374",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/db.mdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34648"
},
{
"name": "8374",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1495",
"datePublished": "2009-05-01T16:00:00.000Z",
"dateReserved": "2009-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:13:25.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1323 (GCVE-0-2009-1323)
Vulnerability from cvelistv5 – Published: 2009-04-17 10:00 – Updated: 2024-08-07 05:04
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/34648 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/34462 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/8382 | exploitx_refsource_EXPLOIT-DB |
Date Public
2009-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webfileexplorer-body-sql-injection(49801)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49801"
},
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "34462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34462"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "webfileexplorer-body-sql-injection(49801)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49801"
},
{
"name": "34648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34648"
},
{
"name": "34462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34462"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webfileexplorer-body-sql-injection(49801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49801"
},
{
"name": "34648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34648"
},
{
"name": "34462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34462"
},
{
"name": "8382",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8382"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1323",
"datePublished": "2009-04-17T10:00:00.000Z",
"dateReserved": "2009-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1314 (GCVE-0-2009-1314)
Vulnerability from cvelistv5 – Published: 2009-04-17 00:00 – Updated: 2024-08-07 05:04
VLAI
EPSS
VEX
Summary
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://www.exploit-db.com/exploits/8382 | exploitx_refsource_EXPLOIT-DB |
Date Public
2009-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webfileexplorer-body-code-execution(50389)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50389"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "webfileexplorer-body-code-execution(50389)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50389"
},
{
"name": "8382",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8382"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webfileexplorer-body-code-execution(50389)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50389"
},
{
"name": "8382",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8382"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1314",
"datePublished": "2009-04-17T00:00:00.000Z",
"dateReserved": "2009-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}