Recently eXtplorer 2.1.7 was released, fixing some minor vulnerabilities.
- fixed SWFUpload against XSS vulnerabilities
- fixed XSS vulnerability in file list
An update is recommended.
eXtplorer Version 2.1.6 has been released with the following changes:
- fixed https usage for ports other than 443
- fixed XSS issue related to PHP_SELF
- added date range filtering to file search
- simplified search function
- fixed scrambled non-ASCII file names on UTF-8 systems
Please update to this new eXtplorer version as it fixes an XSS security issue. Also the UTF-8 fix is recommended for users with non-ASCII filenames.
Version 2.1.5 of eXtplorer is now available. This release fixes a vulnerability that allowed to access eXtplorer installations in Joomla! via the standalone interface bypassing the Joomla! authentication. Please update immediately if you're running eXtplorer in Joomla!
eXtplorer 2.1.4 is available now. It fixes some security vulnerabilities found.
Make sure you Update your Installation as soon as possible!
This morning we were notified of a problem within the authentication system of eXtplorer by Brendan Coles of itsecuritysolutions.org. Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 have found to be vulnerable to an authentication bypass bug.
This bug has been fixed in the latest release of eXtplorer (2.1.3), which you should download and install/upgrade immediately!
If you just want a quick fix, please download the attached file called users.php and put it into the eXtplorer subfolder "/include", in Joomla! installations it can be found under "/administrator/components/com_extplorer/include". Just replace the existing file with this new one.
eXtplorer 2.1.2 is available now, which fixes an installation problem on Joomla! 2.5.
Another small fix also hides the top and bottom bar on J! 3.0, so the application is more usable.
The latest release of eXtplorer - version 2.1.1 - brings compatibility to Joomla! 3.0, which is the current latest version. No features have been added or bugs been resolved. So if you need eXtplorer for us in Joomla! 3.0, you must use eXtplorer 2.1.1 (or later).
Long time I wondered why nobody posted topics here at explorer.net, but it turned out that the URL rewrite functionality wasn't properly configured. This has now been resolved: posting on the boards here at extplorer.net is now working.
eXtplorer 2.1.0 (stable) is available now! It's a security release, which fixes a medium-impact XSS vulnerability found by Han Lee via Secunia SVCRP. There are no new features, just smaller bug fixes.
Make sure you grab your copy now and update as soon as possible!
You can have a look at the new version in SVN - just load your copy using a Subversion client and report your errors back!