CVE-2011-5005
published 2011-12-25CVE-2011-5005: Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable…
PriorityP355high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.94%
89.1th percentile
Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| claudio_klingler | quixplorer | <= 2.3 | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| claudio_klingler | quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| mads_brunn | t3quixplorer | — | — |
| msrc | microsoft_edge | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_msrc8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6r5j-4fjx-5598: Unrestricted file upload vulnerability in QuiXplorer 2
ghsa_unreviewed·2022-05-17
CVE-2011-5005 [HIGH] GHSA-6r5j-4fjx-5598: Unrestricted file upload vulnerability in QuiXplorer 2
Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.
Microsoft
Chromium: CVE-2022-2011 Use after free in ANGLE
vendor_msrc·2022-06-14·CVSS 8.8
CVE-2022-2011 [HIGH] Chromium: CVE-2022-2011 Use after free in ANGLE
Chromium: CVE-2022-2011 Use after free in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
102.0.1245.41
6/13/2022
102.0.5005.115
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In you
No detection rules found.
No writeups or analysis indexed.
2011-12-25
Published