Vulnerability Details CVE-2019-7305
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data leakage, information disclosure and potentially remote code execution on the web server. This issue affects all versions of eXtplorer in Ubuntu and Debian
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.7%
CVSS Severity
CVSS v3 Score 5.8
CVSS v2 Score 7.5
Products affected by CVE-2019-7305
-
cpe:2.3:a:extplorer:extplorer:-
-
cpe:2.3:a:extplorer:extplorer:1.0.0
-
cpe:2.3:a:extplorer:extplorer:2.0.0
-
cpe:2.3:a:extplorer:extplorer:2.1.0
-
cpe:2.3:o:canonical:ubuntu_linux:-
-
cpe:2.3:o:debian:debian_linux:-