CVE-2013-6226

Ajaxplorer < 5.0.3 - Path Traversal

Title source: rule
STIX 2.1

Description

Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files via unspecified vectors.

References (5)

Core 5
Core References
Exploit, URL Repurposed x_refsource_misc
http://www.redfsec.com/CVE-2013-6226
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-11/0043.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/88667
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/63647
Various Sources x_refsource_confirm
http://pyd.io/pydio-core-5-0-4

Scores

EPSS 0.0224
EPSS Percentile 80.7%

Details

CWE
CWE-22
Status published
Products (37)
ajaxplorer/ajaxplorer 2.3.3
ajaxplorer/ajaxplorer 2.3.4
ajaxplorer/ajaxplorer 2.5
ajaxplorer/ajaxplorer 2.5.4
ajaxplorer/ajaxplorer 2.5.5
ajaxplorer/ajaxplorer 2.6.0
ajaxplorer/ajaxplorer 2.7.1
ajaxplorer/ajaxplorer 2.7.2
ajaxplorer/ajaxplorer 2.7.3
ajaxplorer/ajaxplorer 3.0
... and 27 more
Published Nov 14, 2013
Tracked Since Feb 18, 2026