Actions
Fehler #205
openCVE-2016-4313: archive path traversal vulnerability in extplorer 2.1.9
eXtplorer Version:
2.1.4
Joomla! Version:
Joomla! 3.1
Description
Hi,
I haven't found an issue or a fix for this on your site, so I'm forwarding this in case you weren't aware. There was an archive path traversal vulnerability. It has been assigned CVE-2016-4313. For more details see:
Files
Updated by Chris Lamb over 8 years ago
- File CVE-2016-431.patch CVE-2016-431.patch added
Suggested patch attached. I would use
extpath::checkbut that unfortunately also checks whether the destination is outside of
EXT_PATH.
Updated by Sören Eberhardt-Biermann about 8 years ago
- Status changed from Neu to Gelöst
- Target version set to 2.1.10
thanks for providing the report and the patch!
Updated by David samy about 3 years ago
Actions