ExplorerXP - Dateimanager mit Tabs
Name: ExplorerXP 1.07 Grösse: 410 KB Homepage: http://www.explorerxp.com Downloadlink: http://www.explorerxp.com/index.html#download Supportforum: http://www.explorerxp.com/phpBB2 Beschreibung: ExplorerXP is a very fast, small, compact and innovative FREEWARE (for non - commercial use) file manager for Windows 2000/XP.Unlike the regular Windows Explorer, it displays the total size of each folder and allows you to browse multiple folders from a tabbed interface. It also includes an option to split and merge files, and to select or delete files based on wildcards Features <*>Tabbed interface - all your windows (open folders) will appear inside a single ExplorerXP application. <*>The tab bar provides a quick access to all open Windows <*>Easy access to My Computer, Recycle Bin , My Documents & Desktop <*>Drag & Drop with Explorer, the tab bar and special folders on the main toolbar. <*>Multy rename tool - allows to rename multiple files in one step. <*>Displays folder size information and the real size of compressed files & folders. <*>Folder Size Cache - greatly improves the speed of the folder size calculations between sessions. <*>Merge/SplitTools. <*>Advanced copy/move. <*>Unicode support. <*>USB devices support. <*>Clean - recursively removes files that match given list of extentions or wildcards. <*>Groups - A group is a collection of folders, which users are able to access quickly or drag & drop files to them. <*>Configurable keyboard shortcuts. <*>Small download size - only 410 KB. ________________________________________________________________________________________________ SICHERHEITSHINWEIS : ExplorerXP Input Validation Hole Permits Directory Traversal and Cross-Site Scripting Attacks SecurityTracker Alert ID: 1015840 SecurityTracker URL: http://securitytracker.com/id?1015840 CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site) Date: Mar 28 2006 Description: Amine ABOUD (Silitix) reported a vulnerability in ExplorerXP. A remote user can conduct cross-site scripting attacks. A remote user can also view files on the target system. The 'dir.php' script does not properly validate user-supplied filenames in the 'chemin' parameter. A remote user can supply a specially crafted parameter value containing '../' directory traversal parameters to view arbitrary files on the target system. Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the ExplorerXP software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. A remote user can view arbitrary files on the target system. Solution: No solution was available at the time of this entry. ________________________________________________________________________________________________