Directory Traversal Vulnerability in AjaXplorer 3.2.x and 4.0.x
CVE-2012-1839

Currently unrated

Key Information:

Vendor

Ajaxplorer

Status
Ajaxplorer
Vendor
CVE Published:
22 March 2012

What is CVE-2012-1839?

Multiple vulnerabilities exist within the AjaXplorer's Get Template feature, specifically affecting the plugins/gui.ajax/class.AJXP_ClientDriver.php file. Attackers can exploit these vulnerabilities to perform directory traversal, potentially allowing them to access and execute arbitrary local files on the server. This is executed using manipulative parameters such as pluginName or pluginPath during a get_template action. It is crucial for users of the affected versions to apply the necessary updates to mitigate risks associated with remote code execution.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/48226
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/73671
vdb-entryx_refsource_XF
http://ajaxplorer.info/ajaxplorer-4-0-4/
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.