Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
extplorer extplorer vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-7305
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data lea...
Extplorer Extplorer
7.5
CVSSv2
CVE-2012-6710
ext_find_user in eXtplorer up to and including 2.1.2 allows remote malicious users to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php.
Extplorer Extplorer
6.8
CVSSv2
CVE-2016-4313
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote malicious users to execute arbitrary files via a .. (dot dot) in an archive file.
Extplorer Extplorer 2.1.9
1 EDB exploit
6.8
CVSSv2
CVE-2015-5660
Cross-site request forgery (CSRF) vulnerability in eXtplorer prior to 2.1.8 allows remote malicious users to hijack the authentication of arbitrary users for requests that execute PHP code.
Extplorer Extplorer
6.8
CVSSv2
CVE-2012-3362
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
Extplorer Extplorer
6.5
CVSSv2
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows malicious user to inject command via the userfile[0] parameter.
Extplorer Extplorer
5
CVSSv2
CVE-2008-4764
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and previous versions in Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
Extplorer Com Extplorer
1 EDB exploit
4.3
CVSSv2
CVE-2015-0896
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer prior to 2.1.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Extplorer Extplorer
3.6
CVSSv2
CVE-2012-3454
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files.
Extplorer Extplorer 2.1.0
2.6
CVSSv2
CVE-2013-5951
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) application.js.php in scripts/ or (2) admin.php, (3) copy_move.php, (4) funct...
Extplorer Extplorer 2.1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »