WhiteSource Vulnerability Database
We found results for “”
Good to know:
Date: December 27, 2014
Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation.
Upgrade to version pydio-core-5.0.4
|Access Vector (AV):||NETWORK|
|Access Complexity (AC):||LOW|