CVE-2013-6227 Information

Description

Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file and then accessing this file at a location specified by the format parameter of a move operation.

Reference

http://pyd.io/pydio-core-5-0-4/ http://www.redfsec.com/CVE-2013-6227 https://www.exploit-db.com/exploits/46206/