English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

DEXT5 DEXT5Upload

CPE Details

DEXT5 DEXT5Upload
dext5
dext5upload
-
2020-12-31 14:35 +00:00
2020-12-31 14:35 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:dext5:dext5upload:-:*:*:*:*:*:*:*

Informations

Vendor

dext5

Product

dext5upload

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-7875 2021-10-28 13:28 +00:00 DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution.
8.8
HIGH
CVE-2020-35362 2020-12-26 04:19 +00:00 DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp. This could allow remote files to be downloaded via a dext5CMD=downloadRequest action with traversal in the fileVirtualPath parameter (the attacker must provide the correct fileOrgName value).
7.5
HIGH

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.