漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
eXtplorer exposes /usr and /etc/extplorer over HTTP
Vulnerability Description
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data leakage, information disclosure and potentially remote code execution on the web server. This issue affects all versions of eXtplorer in Ubuntu and Debian
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
eXtplorer 信息泄露漏洞
Vulnerability Description
eXtplorer是一款基于PHP的文件管理器。 eXtplorer中的debian/patches/debian-changes-2.1.0b6+dfsg-1或debian/patches/adds-a-makefile.patch补丁文件存在信息泄露漏洞。攻击者可利用该漏洞访问/usr/和/etc/extplorer/系统路径,获取信息/数据并可能在Web服务器上执行代码。
CVSS Information
N/A
Vulnerability Type
N/A