CVE-2016-4313

HIGH

eXtplorer 2.1.9 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.

Exploits (1)

exploitdb WORKING POC
by hyp3rlinx · phpwebappsphp
https://www.exploit-db.com/exploits/39816

References (5)

Scores

CVSS v3 7.8
EPSS 0.0322
EPSS Percentile 87.1%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
extplorer/extplorer 2.1.9
Published Apr 24, 2017
Tracked Since Feb 18, 2026