Project

General

Profile

eXtplorer 2.1.3 Security Release

Security Alert: eXtplorer versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 are vulnerable to an authentication bypass. This problem is considered as very serious and all eXtplorer installations should be upgraded to version 2.1.3 as soon as possible
Added by Sören Eberhardt-Biermann over 4 years ago

This morning we were notified of a problem within the authentication system of eXtplorer by Brendan Coles of itsecuritysolutions.org. Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 have found to be vulnerable to an authentication bypass bug.
This bug has been fixed in the latest release of eXtplorer (2.1.3), which you should download and install/upgrade immediately!
If you just want a quick fix, please download the attached file called users.php and put it into the eXtplorer subfolder "/include", in Joomla! installations it can be found under "/administrator/components/com_extplorer/include". Just replace the existing file with this new one.

users.php Magnifier (4.37 KB) Sören Eberhardt-Biermann, 12/25/2012 08:21 AM


Comments