Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6227

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2013-6227
Last Modified 29 Dec 2014 05:57:57
Published 27 Dec 2014 01:59:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-6227

Summary

Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation.

Vulnerable Systems

Application

  • Ajaxplorer 5.0.3

  • Pydio 5.0.3


References

MISC - http://www.redfsec.com/CVE-2013-6227

MISC - http://pyd.io/pydio-core-5-0-4/


Last Updated: 27 May 2016 11:07:22