CVE-2013-5688

Опубликовано: 05 нояб. 2013

Источник: nvd

CVSS2: 5.5

EPSS Низкий

Описание

Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ajaxplorer:ajaxplorer:*:*:*:*:*:*:*:*

Версия до 5.0.2 (включая)

cpe:2.3:a:ajaxplorer:ajaxplorer:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.5:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.5.4:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.5.5:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.7.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:2.7.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.1:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.5:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.0:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ajaxplorer:ajaxplorer:5.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.03043

Низкий

5.5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

CVE-2013-5688

debian

больше 12 лет назад

Multiple directory traversal vulnerabilities in index.php in AjaXplore ...

GHSA-cjh4-mhqp-h65f

github

больше 3 лет назад