Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-6226

Опубликовано: 14 нояб. 2013
Источник: nvd
CVSS2: 8.5
EPSS Низкий

Описание

Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ajaxplorer:ajaxplorer:*:*:*:*:*:*:*:*
Версия до 5.0.3 (включая)
cpe:2.3:a:ajaxplorer:ajaxplorer:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.5:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.0:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.0:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ajaxplorer:ajaxplorer:5.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01265
Низкий

8.5 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-vf2x-75p3-wpfg

github
больше 3 лет назад

Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files via unspecified vectors.

EPSS

Процентиль: 79%
0.01265
Низкий

8.5 High

CVSS2

Дефекты

CWE-22