MidnightBSD

Advisories for mads_brunn

CVE-2010-1021 MEDIUM

Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mads_brunn t3quixplorer 1.0.0
mads_brunn t3quixplorer *
mads_brunn t3quixplorer 1.6.0
mads_brunn t3quixplorer 1.3.0
mads_brunn t3quixplorer 1.2.0
mads_brunn t3quixplorer 1.0.2
mads_brunn t3quixplorer 1.4.0
mads_brunn t3quixplorer 1.0.1
mads_brunn t3quixplorer 1.5.0
CVE-2011-5005 HIGH

Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
claudio_klingler quixplorer 1.0
claudio_klingler quixplorer 1.5
mads_brunn t3quixplorer 1.3.0
claudio_klingler quixplorer 1.1
claudio_klingler quixplorer 1.2
claudio_klingler quixplorer 2.1.1
mads_brunn t3quixplorer 1.5.0
claudio_klingler quixplorer *
mads_brunn t3quixplorer 1.0.0
mads_brunn t3quixplorer 1.6.0
claudio_klingler quixplorer 1.4
mads_brunn t3quixplorer 1.7.1
mads_brunn t3quixplorer 1.2.0
mads_brunn t3quixplorer 1.7.0
mads_brunn t3quixplorer 1.0.2
mads_brunn t3quixplorer 1.4.0
claudio_klingler quixplorer 1.6
claudio_klingler quixplorer 2.2
mads_brunn t3quixplorer 1.0.1
claudio_klingler quixplorer 2.0