SynopsisA web application on the remote web server has multiple vulnerabilities.
DescriptionThe version of AjaXplorer hosted on the remote web server is earlier than 5.0.1. It is, therefore, affected by multiple command execution vulnerabilities in the following plugins:
- File System Standard Plugin (access.fs)
- Power FS Plugin (action.powerfs)
- Subversion Repository Plugin (meta.svn)
The plugins above are installed and enabled in the default installation except for the Power FS plugin, which is installed but not enabled by default.
SolutionUpgrade to AjaXplorer version 5.0.1 or later.