QuiXplorer 'index.php' Arbitrary File Upload Vulnerability Network Vulnerability

Summary

QuiXplorer is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and run it in the context of the webserver process. QuiXplorer 2.3 is vulnerable other versions may also be affected.

References

http://quixplorer.sourceforge.net/
http://www.securityfocus.com/bid/50673

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-5005

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AWCM CMS Multiple Remote File Include Vulnerabilities
Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
Allegro RomPager `Misfortune Cookie` Vulnerability
Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
b2Evolution title SQL Injection

Take action and discover your vulnerabilities