Every CVE whose affected-product data names Extplorer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2023-54335 — CVSS 9.8 (critical): eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the…
CVE-2012-6710 — CVSS 9.8 (critical): ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an…
CVE-2023-29657 — CVSS 8.8 (high): eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with…
CVE-2023-27842 — CVSS 8.8 (high): Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code…
CVE-2016-4313 — CVSS 7.8 (high): Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a…
CVE-2017-12756 — CVSS 7.2 (high): Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter.
CVE-2015-5660 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary…
CVE-2012-3362 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of…
CVE-2019-7305 — CVSS 5.8 (medium): Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP…
CVE-2019-25097 — CVSS 5.5 (medium): A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown…
CVE-2019-25098 — CVSS 5.5 (medium): A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical. This affects an unknown part of the file…
CVE-2015-0896 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML…
CVE-2012-3454 — CVSS 3.6 (low): eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or…
CVE-2025-13058 — CVSS 3.5 (low): A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component…
CVE-2019-25096 — CVSS 3.5 (low): A vulnerability has been found in soerennb eXtplorer up to 2.1.12 and classified as problematic. Affected by this vulnerability is an…
CVE-2013-5951 — CVSS 2.6 (low): Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote attackers to…