Vulnerability Details CVE-2011-5005
Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.6%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2011-5005
-
cpe:2.3:a:claudio_klingler:quixplorer:*
-
cpe:2.3:a:claudio_klingler:quixplorer:1.0
-
cpe:2.3:a:claudio_klingler:quixplorer:1.1
-
cpe:2.3:a:claudio_klingler:quixplorer:1.2
-
cpe:2.3:a:claudio_klingler:quixplorer:1.4
-
cpe:2.3:a:claudio_klingler:quixplorer:1.5
-
cpe:2.3:a:claudio_klingler:quixplorer:1.6
-
cpe:2.3:a:claudio_klingler:quixplorer:2.0
-
cpe:2.3:a:claudio_klingler:quixplorer:2.1.1
-
cpe:2.3:a:claudio_klingler:quixplorer:2.2
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.0.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.0.1
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.0.2
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.2.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.3.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.4.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.5.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.6.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.7.0
-
cpe:2.3:a:mads_brunn:t3quixplorer:1.7.1