eXtplorer 2.1.10 has been released (1 comment)

Added by Sören Eberhardt-Biermann 5 months ago

eXtplorer version 2.1.10 has been released!

These are the changes:
- fixed vulnerability discovered by ADLab of Venustech (command injection, but requires admin access)
- webdav display UPPER/CASE/FULL/PATH with some webdav client
- standalone extplorer webdav does not work with PHP7
- CVE-2016-4313: archive path traversal vulnerability in extplorer 2.1.9
- #202 Users with read only permissions should not be able to extract archives.
- added indonesian language files

An update is highly recommended.

New Homepage for (1 comment)

Added by Sören Eberhardt-Biermann over 1 year ago

The eXtplorer homepage has been renewed. I was using the old layout for around 4 years now and it was time to "refresh" it a little bit. Besides that I also upgraded the server to the latest Ubuntu LTS release and switched to a far more updated version of Redmine for this site.
I hope you like it!

eXtplorer 2.1.8 released (1 comment)

Added by Sören Eberhardt-Biermann over 2 years ago

Today eXtplorer 2.1.8 was released, fixing some minor vulnerabilities.

- added security functions for protection against CSRF attacks
- fixed "directories with the name '0' are not loading"

An update is recommended.

eXtplorer 2.1.6 released

Added by Sören Eberhardt-Biermann about 3 years ago

eXtplorer Version 2.1.6 has been released with the following changes:

- fixed https usage for ports other than 443
- fixed XSS issue related to PHP_SELF
- added date range filtering to file search
- simplified search function
- fixed scrambled non-ASCII file names on UTF-8 systems

Please update to this new eXtplorer version as it fixes an XSS security issue. Also the UTF-8 fix is recommended for users with non-ASCII filenames.

eXtplorer 2.1.3 Security Release

Added by Sören Eberhardt-Biermann about 5 years ago

This morning we were notified of a problem within the authentication system of eXtplorer by Brendan Coles of Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 have found to be vulnerable to an authentication bypass bug.
This bug has been fixed in the latest release of eXtplorer (2.1.3), which you should download and install/upgrade immediately!
If you just want a quick fix, please download the attached file called users.php and put it into the eXtplorer subfolder "/include", in Joomla! installations it can be found under "/administrator/components/com_extplorer/include". Just replace the existing file with this new one.


Also available in: Atom