Pca

**Name of the Vulnerable Software and Affected Versions** QuiXplorer versions 2.3 and earlier **Description** The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the "upload action" to "index.php", then accessing it via a direct request to the file in an unspecified directory. **Recommendations** For QuiXplorer versions 2.3 and earlier, consider restricting or disabling the file upload functionality, specifically the upload action to "index.php", until a fix is available. Additionally, restrict access to directories where uploaded files are stored to minimize the risk of exploitation.