233 matches found
CVE-2012-6710
extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...
CVE-2012-6710
extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...
UBUNTU-CVE-2012-6710
extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...
CVE-2012-6710
The CVE-2012-6710 issue affects eXtplorer (through version 2.1.2). It allows remote attackers to bypass authentication by sending password[]= (an empty array) in an action=login request to index.php, enabling unauthorized access. Affected component is ext_find_user; root cause is authentication b...
CVE-2012-6710
extfinduser in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password= aka an empty array in an action=login request to index.php...
CVE-2012-6710
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/extploreruploadexec.rb 2018-10-07 22:25:55+00:00| seen| https://t.me/cibsecurity/557 2025-10-23 21:12:57+00:00| seen|...
Debian: Security Advisory (DLA-1063-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1063-1 : extplorer security update
CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter. For Debian 7 'Wheezy', these problems have been fixed in version 2.1.0b6+dfsg.3-4+deb7u5. We recommend that you upgrade your extplorer...
[SECURITY] [DLA 1063-1] extplorer security update
Package : extplorer Version : 2.1.0b6+dfsg.3-4+deb7u5 CVE ID : CVE-2017-12756 CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter. For Debian 7 "Wheezy", these problems have been fixed in...
DLA-1063-1 extplorer - security update
Bulletin has no description...
Extplorer Command Injection Vulnerability
eXtplorer is a PHP-based online file management program that supports online browsing of files and folders as well as logging into FTP servers as an FTP client. A command injection vulnerability exists in eXtplorer 2.1.9 and earlier versions. The vulnerability can be exploited to inject commands...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
Command injection
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
CVE-2017-12756
CVE-2017-12756 affects extplorer, specifically versions up to 2.1.9. The flaw is a command injection in the transfer workflow from another server, exploitable via the userfile[0] parameter, enabling an attacker to execute arbitrary commands on the affected system. Debian/DLA-1063-1 notes the fix ...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
Extplorer, 2.1.9 and previous, Directory Traversal
Extplorer, 2.1.9, Directory Traversal cve: CVE-2016-4313 resolution: update to 2.1.10 update notice: http://extplorer.net/news/21...
CVE-2016-4313
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. dot dot in an archive file...