CVE-2013-6226

EUVD-2013-6055
Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files via unspecified vectors.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
ajaxplorerajaxplorer
𝑥
≤ 5.0.3
ajaxplorerajaxplorer
2.3.3
ajaxplorerajaxplorer
2.3.4
ajaxplorerajaxplorer
2.5
ajaxplorerajaxplorer
2.5.4
ajaxplorerajaxplorer
2.5.5
ajaxplorerajaxplorer
2.6.0
ajaxplorerajaxplorer
2.7.1
ajaxplorerajaxplorer
2.7.2
ajaxplorerajaxplorer
2.7.3
ajaxplorerajaxplorer
3.0
ajaxplorerajaxplorer
3.0.1
ajaxplorerajaxplorer
3.0.2
ajaxplorerajaxplorer
3.0.3
ajaxplorerajaxplorer
3.1
ajaxplorerajaxplorer
3.1.1
ajaxplorerajaxplorer
3.2
ajaxplorerajaxplorer
3.2.1
ajaxplorerajaxplorer
3.2.2
ajaxplorerajaxplorer
3.2.3
ajaxplorerajaxplorer
3.2.4
ajaxplorerajaxplorer
3.2.5
ajaxplorerajaxplorer
3.3.2
ajaxplorerajaxplorer
3.3.3
ajaxplorerajaxplorer
3.3.4
ajaxplorerajaxplorer
3.3.5
ajaxplorerajaxplorer
4.0
ajaxplorerajaxplorer
4.0.1
ajaxplorerajaxplorer
4.0.2
ajaxplorerajaxplorer
4.0.3
ajaxplorerajaxplorer
4.0.4
ajaxplorerajaxplorer
4.2.0
ajaxplorerajaxplorer
4.2.2
ajaxplorerajaxplorer
4.2.3
ajaxplorerajaxplorer
5.0.0
ajaxplorerajaxplorer
5.0.1
ajaxplorerajaxplorer
5.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-11/0043.html
http://pyd.io/pydio-core-5-0-4
http://www.redfsec.com/CVE-2013-6226
http://www.securityfocus.com/bid/63647
https://exchange.xforce.ibmcloud.com/vulnerabilities/88667
http://archives.neohapsis.com/archives/bugtraq/2013-11/0043.html
http://pyd.io/pydio-core-5-0-4
http://www.redfsec.com/CVE-2013-6226
http://www.securityfocus.com/bid/63647
https://exchange.xforce.ibmcloud.com/vulnerabilities/88667