Gf 3xplorer » Gf 3xplorer : Security Vulnerabilities, CVEs,
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
Max CVSS
5.0
EPSS Score
0.33%
Published
2007-12-20
Updated
2017-09-29
Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and (2) thumber.php.
Max CVSS
6.4
EPSS Score
0.36%
Published
2007-12-20
Updated
2017-09-29
Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vectors.
Max CVSS
4.3
EPSS Score
0.22%
Published
2007-12-20
Updated
2017-09-29
3 vulnerabilities found