Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
extplorer extplorer vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2016-4313
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote malicious users to execute arbitrary files via a .. (dot dot) in an archive file.
Extplorer Extplorer 2.1.9
1 EDB exploit
668
VMScore
CVE-2019-7305
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data lea...
Extplorer Extplorer
668
VMScore
CVE-2012-6710
ext_find_user in eXtplorer up to and including 2.1.2 allows remote malicious users to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php.
Extplorer Extplorer
605
VMScore
CVE-2015-5660
Cross-site request forgery (CSRF) vulnerability in eXtplorer prior to 2.1.8 allows remote malicious users to hijack the authentication of arbitrary users for requests that execute PHP code.
Extplorer Extplorer
605
VMScore
CVE-2012-3362
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
Extplorer Extplorer
578
VMScore
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows malicious user to inject command via the userfile[0] parameter.
Extplorer Extplorer
505
VMScore
CVE-2008-4764
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and previous versions in Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
Extplorer Com Extplorer
1 EDB exploit
383
VMScore
CVE-2015-0896
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer prior to 2.1.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Extplorer Extplorer
320
VMScore
CVE-2012-3454
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files.
Extplorer Extplorer 2.1.0
231
VMScore
CVE-2013-5951
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) application.js.php in scripts/ or (2) admin.php, (3) copy_move.php, (4) funct...
Extplorer Extplorer 2.1.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »