Home/Product/extplorer
Product

extplorer

18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-54335
<= 2.1.14
eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating
9.8CRITICAL
 CVE-2025-13058
<= 2.1.15
A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the compone
3.5LOW
 CVE-2023-40628
>= 1.0.0 and <= 2.1.5
A reflected XSS vulnerability was discovered in the Extplorer component for Joomla.
6.1MEDIUM
 CVE-2023-29657
all versions
eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages
8.8HIGH
 CVE-2023-27842
all versions
Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrar
8.8HIGH
 CVE-2019-25098
< 2.1.13
A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical. This affects an unknown part of
5.5MEDIUM
 CVE-2019-25097
< 2.1.13
A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown fu
5.5MEDIUM
 CVE-2019-25096
< 2.1.13
A vulnerability has been found in soerennb eXtplorer up to 2.1.12 and classified as problematic. Affected by this vulnerability is
3.5LOW
 CVE-2019-7305
<= 2.1.0
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP.
5.8MEDIUM
 CVE-2012-6710
<= 2.1.2
ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) i
9.8CRITICAL
 CVE-2017-12756
<= 2.1.9
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0]
7.2HIGH
 CVE-2016-4313
all versions
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files v
7.8HIGH
 CVE-2015-5660
<= 2.1.7
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of
 CVE-2015-0896
<= 2.1.6
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web scrip
 CVE-2013-5951
all versions
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote attacke
 CVE-2012-3454
all versions
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete
 CVE-2012-3362
<= 2.1.0
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authenticat
 CVE-2008-4764
<= 2.0.0
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live statistics Live status Privacy policy Terms of service
threatengine.sh