CVE-2019-7305 · CVEKit

cve.orgen

431 chars

Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data leakage, information disclosure and potentially remote code execution on the web server. This issue affects all versions of eXtplorer in Ubuntu and Debian

NVDen

431 chars

Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data leakage, information disclosure and potentially remote code execution on the web server. This issue affects all versions of eXtplorer in Ubuntu and Debian

NVDes

520 chars

La vulnerabilidad de exposición a la información en eXtplorer hace que los directorios del sistema /usr/ y /etc/extplorer/ sean de tipo world-accessible a través de HTTP. Introducido en el archivo de parche Makefile debian/patches/debian-changes-2.1.0b6+dfsg-1 o debian/patches/adds-a-makefile.patch, esto puede conllevar a un filtrado de datos, una divulgación de información y potencialmente una ejecución de código remota en el Servidor web. Este problema afecta a todas las versiones de eXtplorer en Ubuntu y Debian.

CVSS metrics across sources

4

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H