EXtplorer 'ext_find_user()' Function Authentication Bypass Vulnerability Network Vulnerability

Summary

eXtplorer is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. eXtplorer 2.1.2, 2.1.1, and 2.1.0 are vulnerable.

Solution

Updates are available please see the references for more information.

References

http://extplorer.net/
http://www.securityfocus.com/bid/57058

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 9.7
AV:N/AC:L/Au:N/C:C/I:C/A:P

Related Vulnerabilities

Apache Struts ClassLoader Manipulation Vulnerabilities
3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability

eXtplorer 'ext_find_user()' Function Authentication Bypass Vulnerability

Take action and discover your vulnerabilities