English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Dext5 2.7.1402870

CPE Details

Dext5 2.7.1402870
dext5
dext5
2.7.1402870
2020-05-27 18:25 +00:00
2020-05-27 18:25 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:dext5:dext5:2.7.1402870:*:*:*:*:*:*:*

Informations

Vendor

dext5

Product

dext5

Version

2.7.1402870

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-7832 2021-09-07 12:47 +00:00 A vulnerability (improper input validation) in the DEXT5 Upload solution allows an unauthenticated attacker to download and execute an arbitrary file via AddUploadFile, SetSelectItem, DoOpenFile function.(CVE-2020-7832)
9.8
CRITICAL
CVE-2020-13894 2020-06-06 22:33 +00:00 handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.
7.5
HIGH
CVE-2020-13442 2020-05-25 12:25 +00:00 A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/.
9.8
CRITICAL

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.