Extplorer

Extplorer

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-54335

Exploit
  • EPSS 0.41%
  • Veröffentlicht 13.01.2026 22:52:08
  • Zuletzt bearbeitet 03.02.2026 19:25:21

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vul...

5.4

CVE-2025-13058

Exploit
  • EPSS 0.07%
  • Veröffentlicht 12.11.2025 19:32:06
  • Zuletzt bearbeitet 24.02.2026 07:16:42

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is...

6.1

CVE-2023-40628

  • EPSS 0.57%
  • Veröffentlicht 14.12.2023 09:15:41
  • Zuletzt bearbeitet 21.11.2024 08:19:51

A reflected XSS vulnerability was discovered in the Extplorer component for Joomla.

8.8

CVE-2023-29657

Exploit
  • EPSS 0.22%
  • Veröffentlicht 12.05.2023 11:15:12
  • Zuletzt bearbeitet 24.01.2025 20:15:29

eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions.

8.8

CVE-2023-27842

Exploit
  • EPSS 48.31%
  • Veröffentlicht 21.03.2023 15:15:12
  • Zuletzt bearbeitet 26.02.2025 18:15:12

Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenent

9.8

CVE-2019-25098

  • EPSS 0.52%
  • Veröffentlicht 05.01.2023 08:15:08
  • Zuletzt bearbeitet 21.11.2024 04:39:56

A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical. This affects an unknown part of the file include/archive.php of the component Archive Handler. The manipulation leads to path traversal. Upgrading to ve...

9.8

CVE-2019-25097

  • EPSS 0.53%
  • Veröffentlicht 05.01.2023 08:15:08
  • Zuletzt bearbeitet 21.11.2024 04:39:55

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2...

6.1

CVE-2019-25096

  • EPSS 0.33%
  • Veröffentlicht 05.01.2023 08:15:08
  • Zuletzt bearbeitet 21.11.2024 04:39:55

A vulnerability has been found in soerennb eXtplorer up to 2.1.12 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgradin...

9.8

CVE-2019-7305

  • EPSS 1.17%
  • Veröffentlicht 10.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:47:58

Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.pa...

9.8

CVE-2012-6710

Exploit
  • EPSS 76.48%
  • Veröffentlicht 07.10.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 01:46:43

ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php.