233 matches found
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action...
CVE-2012-3362
Cross-site request forgery CSRF vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action...
CVE-2012-3362
CVE-2012-3362 describes a Cross-site request forgery (CSRF) in eXtplorer up to version 2.1 RC3 and earlier. An attacker could hijack administrator authentication to perform actions—specifically, to add an administrator account via an adduser admin action. Affected software is eXtplorer; root caus...
DSA-2510-1 extplorer - Cross-site request forgery
Bulletin has no description...
eXtplorer 2.1 RC3 Cross Site Request Forgery
------------------------------------------------------------------------ --Description-- A cross-site request forgery vulnerability in eXtplorer 2.1 RC3 can be exploited to create a new admin. --PoC-- input type="hidden"...
[ISecAuditors Security Advisories] eXtplorer Remote Code Execution
============================================= INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored ============================================= I. VULNERABILITY...
eXtplorer include/init.php本地文件包含漏洞
eXtplorer include/init.php本地文件包含漏洞 发布日期:2009-03-02 更新日期:2009-03-03 受影响系统: Soeren Eberhardt eXtplorer 2.0.0 不受影响系统: Soeren Eberhardt eXtplorer 2.0.1 描述:BUGTRAQ ID: 33955 eXtplorer是一款基于web的文件管理组件。...
eXtplorer Code Execution
============================================= INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored ============================================= I. VULNERABILITY...
Joomla/Mambo Component eXtplorer Code Execution Vulnerability
Exploit for unknown platform in category web applications ============================================================= Joomla/Mambo Component eXtplorer Code Execution Vulnerability ============================================================= ============================================= INTERNE...
CVE-2008-4764
Directory traversal vulnerability in the eXtplorer module comextplorer 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the dir parameter in a showerror action...
Directory traversal
Directory traversal vulnerability in the eXtplorer module comextplorer 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the dir parameter in a showerror action...
CVE-2008-4764
Directory traversal vulnerability in the eXtplorer module comextplorer 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the dir parameter in a showerror action...
CVE-2008-4764
The connected template confirms CVE-2008-4764 affects Joomla! ≤2.0.0 RC2 via the eXtplorer (com_extplorer) module, enabling Local File Inclusion by passing a “..” in the dir parameter of show_error. Impact is the reading of arbitrary server files. Root cause: directory traversal in show_error act...