CVE-2013-1641
Published
CVSS v3
N/A
CVSS v2
7.8
HIGH
Affected
1
PROJECT
Description
Directory traversal vulnerability in the zip download functionality in QuiXplorer before 2.5.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the selitems[] parameter in a download_selected action to index.php.
simply upload and download files to your webserver with a web-interface
GitHub