CVE-2009-1314

body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.

Date published : 2009-04-16

https://www.exploit-db.com/exploits/8382

https://exchange.xforce.ibmcloud.com/vulnerabilities/50389