EDB-4738webappsphpVERIFICADO

gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion

MhZ9112/18/2007

Ver en Exploit-DB Ver Fuente en GitLab

Análisis IAImpulsado por IA

Código del Exploit

Exploit code not available in database

Ver Fuente en GitLab

CVEs Relacionados (3)

CVE-2007-6476

NONE

GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.

12/20/2007CWE-200

CVE-2007-6475

NONE

Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and

Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and ...

12/20/2007CWE-22

CVE-2007-6474

NONE

Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vec

Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vec...

12/20/2007CWE-79