Cross-Site Scripting Vulnerabilities in eXtplorer for Joomla!
CVE-2013-5951

Currently unrated

Key Information:

Vendor

Extplorer

Status
Extplorer
Vendor
CVE Published:
25 March 2014

What is CVE-2013-5951?

eXtplorer 2.1.3 contains multiple cross-site scripting (XSS) vulnerabilities that could allow remote attackers to inject arbitrary web scripts or HTML. This is possible through manipulated PATH_INFO inputs to various scripts within the application, including application.js.php in the scripts directory and several PHP files such as admin.php, copy_move.php, functions.php, header.php, and upload.php in the include directory. Exploiting these weaknesses can lead to unauthorized access and the execution of malicious scripts in a user's browser.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC
http://secunia.com/advisories/57387
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/66262
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.