eXtplorer - PHP-based File Manager: eXtplorer 2.1.10 has been released (1 comment)

Added by Sören Eberhardt-Biermann about 1 year ago

eXtplorer version 2.1.10 has been released!

These are the changes:
- fixed vulnerability discovered by ADLab of Venustech (command injection, but requires admin access)
- webdav display UPPER/CASE/FULL/PATH with some webdav client
- standalone extplorer webdav does not work with PHP7
- CVE-2016-4313: archive path traversal vulnerability in extplorer 2.1.9
- #202 Users with read only permissions should not be able to extract archives.
- added indonesian language files

An update is highly recommended.

eXtplorer - PHP-based File Manager: eXtplorer 2.1.6 released

Added by Sören Eberhardt-Biermann almost 4 years ago

eXtplorer Version 2.1.6 has been released with the following changes:

- fixed https usage for ports other than 443
- fixed XSS issue related to PHP_SELF
- added date range filtering to file search
- simplified search function
- fixed scrambled non-ASCII file names on UTF-8 systems

Please update to this new eXtplorer version as it fixes an XSS security issue. Also the UTF-8 fix is recommended for users with non-ASCII filenames.

eXtplorer - PHP-based File Manager: eXtplorer 2.1.3 Security Release

Added by Sören Eberhardt-Biermann almost 6 years ago

This morning we were notified of a problem within the authentication system of eXtplorer by Brendan Coles of Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 have found to be vulnerable to an authentication bypass bug.
This bug has been fixed in the latest release of eXtplorer (2.1.3), which you should download and install/upgrade immediately!
If you just want a quick fix, please download the attached file called users.php and put it into the eXtplorer subfolder "/include", in Joomla! installations it can be found under "/administrator/components/com_extplorer/include". Just replace the existing file with this new one.


Also available in: Atom