← back
CVE-2013-6227

CVE-2013-6227

EPSS 8.0%
Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46206/unverifiedexploitdbwww.exploit-db.com/exploits/46206unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://pyd.io/pydio-core-5-0-4/https://www.exploit-db.com/exploits/46206/http://www.redfsec.com/CVE-2013-6227