CVE-2013-5353

Published: Jun 13, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Unrestricted file upload vulnerability in system/controllers/ajax/attachments.php in Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

Affected (2)

Products: Sharetronix: Sharetronix

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sharetronix Sharetronix	Up to 3.1.1
Sharetronix Sharetronix	Version 3.1.1.3

References (10)

http://osvdb.org/100604

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/53936

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/secunia_research/2013-9/

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/bid/64102

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/89502

Source: PSIRT-CNA@flexerasoftware.com

http://osvdb.org/100604

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/53936

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/secunia_research/2013-9/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/64102

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/89502

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.