Candidate: CVE-2013-5951
PublicDate: 2014-03-25 16:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5951
 http://seclists.org/fulldisclosure/2014/Mar/273
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3,
 when used as a component for Joomla!, allow remote attackers to inject
 arbitrary web script or HTML via the PATH_INFO to (1) application.js.php in
 scripts/ or (2) admin.php, (3) copy_move.php, (4) functions.php, (5)
 header.php, or (6) upload.php in include/.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741908
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_extplorer:
upstream_extplorer: needs-triage
lucid_extplorer: DNE
precise_extplorer: ignored (reached end-of-life)
precise/esm_extplorer: DNE (precise was needed)
quantal_extplorer: ignored (reached end-of-life)
saucy_extplorer: ignored (reached end-of-life)
trusty_extplorer: released (2.1.0b6+dfsg.3-4+deb7u1~build0.14.04.1)
trusty/esm_extplorer: DNE (trusty was released [2.1.0b6+dfsg.3-4+deb7u1~build0.14.04.1])
utopic_extplorer: not-affected (2.1.0b6+dfsg.3-4+deb7u1)
vivid_extplorer: not-affected (2.1.0b6+dfsg.3-4+deb7u1)
vivid/stable-phone-overlay_extplorer: DNE
vivid/ubuntu-core_extplorer: DNE
wily_extplorer: not-affected (2.1.0b6+dfsg.3-4+deb7u1)
xenial_extplorer: not-affected (2.1.0b6+dfsg.3-4+deb7u1)
yakkety_extplorer: DNE
zesty_extplorer: DNE
devel_extplorer: DNE