Lucene search
K

233 matches found

ubuntucve
ubuntucve
added 2018/10/07 6:29 p.m.30 views

CVE-2012-6710

extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...

9.8CVSS7.3AI score0.24972EPSS
Exploits1References3
nvd
nvd
added 2018/10/07 6:29 p.m.14 views

CVE-2012-6710

extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...

9.8CVSS9.6AI score0.24972EPSS
Exploits1References3
osv
osv
added 2018/10/07 6:29 p.m.4 views

UBUNTU-CVE-2012-6710

extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...

9.8CVSS7.3AI score0.24972EPSS
Exploits1References4
cve
cve
added 2018/10/07 6:0 p.m.41 views

CVE-2012-6710

The CVE-2012-6710 issue affects eXtplorer (through version 2.1.2). It allows remote attackers to bypass authentication by sending password[]= (an empty array) in an action=login request to index.php, enabling unauthorized access. Affected component is ext_find_user; root cause is authentication b...

9.8CVSS9.4AI score0.24972EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2018/10/07 6:0 p.m.19 views

CVE-2012-6710

extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...

9.6AI score0.24972EPSS
Exploits1References3
circl
circl
added 2018/05/29 3:50 p.m.7 views

CVE-2012-6710

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/extploreruploadexec.rb 2018-10-07 22:25:55+00:00| seen| https://t.me/cibsecurity/557 2025-10-23 21:12:57+00:00| seen|...

9.8CVSS8.7AI score0.24972EPSS
Exploits1References2
openvas
openvas
added 2018/02/06 12:0 a.m.19 views

Debian: Security Advisory (DLA-1063-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.1AI score0.01165EPSS
Exploits0References3
nessus
nessus
added 2017/08/22 12:0 a.m.16 views

Debian DLA-1063-1 : extplorer security update

CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter. For Debian 7 'Wheezy', these problems have been fixed in version 2.1.0b6+dfsg.3-4+deb7u5. We recommend that you upgrade your extplorer...

7.2CVSS7AI score0.01165EPSS
Exploits0References3
debian
debian
added 2017/08/21 7:44 p.m.23 views

[SECURITY] [DLA 1063-1] extplorer security update

Package : extplorer Version : 2.1.0b6+dfsg.3-4+deb7u5 CVE ID : CVE-2017-12756 CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter. For Debian 7 "Wheezy", these problems have been fixed in...

7.2CVSS7.3AI score0.01165EPSS
Exploits0
osv
osv
added 2017/08/21 12:0 a.m.19 views

DLA-1063-1 extplorer - security update

Bulletin has no description...

7.2CVSS6.9AI score0.01165EPSS
Exploits0
cnvd
cnvd
added 2017/08/10 12:0 a.m.6 views

Extplorer Command Injection Vulnerability

eXtplorer is a PHP-based online file management program that supports online browsing of files and folders as well as logging into FTP servers as an FTP client. A command injection vulnerability exists in eXtplorer 2.1.9 and earlier versions. The vulnerability can be exploited to inject commands...

7.2CVSS7.2AI score0.01165EPSS
Exploits0References1
nvd
nvd
added 2017/08/09 9:29 p.m.19 views

CVE-2017-12756

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

7.2CVSS7AI score0.01165EPSS
Exploits0References1
osv
osv
added 2017/08/09 9:29 p.m.6 views

CVE-2017-12756

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

7.2CVSS5.8AI score0.01165EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2017/08/09 9:29 p.m.17 views

CVE-2017-12756

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

7.2CVSS7AI score0.01165EPSS
Exploits0References2
prion
prion
added 2017/08/09 9:29 p.m.13 views

Command injection

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

6.5CVSS7AI score0.01165EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2017/08/09 9:29 p.m.3 views

CVE-2017-12756

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

7.2CVSS5.5AI score0.01165EPSS
Exploits0References2
cve
cve
added 2017/08/09 9:0 p.m.60 views

CVE-2017-12756

CVE-2017-12756 affects extplorer, specifically versions up to 2.1.9. The flaw is a command injection in the transfer workflow from another server, exploitable via the userfile[0] parameter, enabling an attacker to execute arbitrary commands on the affected system. Debian/DLA-1063-1 notes the fix ...

7.2CVSS7AI score0.01165EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2017/08/09 9:0 p.m.22 views

CVE-2017-12756

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

7AI score0.01165EPSS
Exploits0References1
joomla
joomla
added 2017/08/04 12:0 a.m.75 views

Extplorer, 2.1.9 and previous, Directory Traversal

Extplorer, 2.1.9, Directory Traversal cve: CVE-2016-4313 resolution: update to 2.1.10 update notice: http://extplorer.net/news/21...

7.8CVSS1.9AI score0.08679EPSS
Exploits5References3Affected Software1
ubuntucve
ubuntucve
added 2017/04/24 6:59 p.m.24 views

CVE-2016-4313

Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. dot dot in an archive file...

7.8CVSS7.4AI score0.08679EPSS
Exploits5References2
Rows per page
Query Builder