Vulnerabilities (CVE)

Filtered by vendor Gf 3xplorer Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-6476 1 Gf 3xplorer 1 Gf 3xplorer 2024-11-21 5.0 MEDIUM N/A
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
CVE-2007-6475 1 Gf 3xplorer 1 Gf 3xplorer 2024-11-21 6.4 MEDIUM N/A
Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and (2) thumber.php.
CVE-2007-6474 1 Gf 3xplorer 1 Gf 3xplorer 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vectors.