CVE-2009-1314 Information

Description

body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/50389 https://www.exploit-db.com/exploits/8382