Insecure Permissions in eXtplorer 2.1.15: Arbitrary Code Execution via File Upload
CVE-2023-29657 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions.
Learn more about our Web Application Penetration Testing UK.