Produkt T3quixplorer (...) - CVEMAP.ORG

Podatności dla 'T3quixplorer'

2011-12-24

CVE-2011-5005

CWE-Other

Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.

2010-03-19

CVE-2010-1021

CWE-79

Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Copyright 2024, cxsecurity.com