
3145 matches found

Cvelist
added 2024/03/23 5:31 p.m. · 17 views

CVE-2024-2849 SourceCodester Simple File Manager unrestricted upload

A vulnerability classified as critical was found in SourceCodester Simple File Manager 1.0. This vulnerability affects unknown code. The manipulation of the argument photo leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVSS 6.5 · AI score 6.7 · EPSS 0.00909
Exploits 1 · References 4
Vulnrichment
added 2024/03/23 5:31 p.m. · 22 views

CVE-2024-2849 SourceCodester Simple File Manager unrestricted upload

A vulnerability classified as critical was found in SourceCodester Simple File Manager 1.0. This vulnerability affects unknown code. The manipulation of the argument photo leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVSS 6.5 · AI score 6.9 · EPSS 0.00909
Exploits 1 · References 4
CVE
added 2024/03/23 5:31 p.m. · 79 views

CVE-2024-2849

The CVE-2024-2849 entry concerns SourceCodester Simple File Manager 1.0. The vulnerability arises from incorrect handling of the photo argument, enabling unrestricted file uploads. This is described as a remote, critical issue with publicly disclosed exploit information. Affected component: Simpl...

CVSS 9.8 · AI score 6.5 · EPSS 0.00909
Exploits 1 · References 4 · Affected Software 1
CNNVD
added 2024/03/23 12:00 a.m. · 3 views

Simple File Manager code issue vulnerability

SourceCodester File Manager is a file manager. A code issue vulnerability exists in Simple File Manager version 1.0, which stems from an incorrect manipulation of photo resulting in unrestricted uploads...

CVSS 9.8 · AI score 6.6 · EPSS 0.00909
Exploits 1 · References 4
Positive Technologies
added 2024/03/23 12:00 a.m. · 4 views

PT-2024-22448 · Sourcecodester · Sourcecodester Simple File Manager

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple File Manager version 1.0. Description: A critical vulnerability was found in the software, affecting unknown code. The manipulation of the photo argument leads to unrestricted upload. The attack can be initiated remotely...

CVSS 9.8 · AI score 7.4 · EPSS 0.00909
Exploits 1 · References 9
BDU FSTEC
added 2024/03/22 12:00 a.m. · 4 views

The vulnerability of the Adobe Bridge file manager, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 7.8 · AI score 6.1 · EPSS 0.04075
Exploits 0 · References 3 · Affected Software 1
OSV
added 2024/03/21 4:15 a.m. · 3 views

CVE-2024-1538

The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wpfilemanager page that includes files through the 'lang' parameter. This makes it possible for unauthenticate...

CVSS 8.8 · AI score 7.1 · EPSS 0.10651
Exploits 0 · References 2
NVD
added 2024/03/21 4:15 a.m. · 15 views

CVE-2024-1538

The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wpfilemanager page that includes files through the 'lang' parameter. This makes it possible for unauthenticate...

CVSS 8.8 · AI score 8.3 · EPSS 0.10651
Exploits 0 · References 2
Vulnrichment
added 2024/03/21 3:32 a.m. · 11 views

CVE-2024-1538

The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wpfilemanager page that includes files through the 'lang' parameter. This makes it possible for unauthenticate...

CVSS 8.8 · AI score 6.3 · EPSS 0.10651
Exploits 0 · References 2
CVE
added 2024/03/21 3:32 a.m. · 77 views

CVE-2024-1538

CVE-2024-1538 affects the WordPress File Manager plugin up to version 7.2.4. The root cause is missing or incorrect nonce validation on the wp_file_manager page that includes files via the 'lang' parameter, enabling unauthenticated attackers to cause local JavaScript inclusion and potentially ach...

CVSS 8.8 · AI score 8.4 · EPSS 0.10651
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2024/03/21 3:32 a.m. · 67 views

CVE-2024-1538 File Manager <= 7.2.4 - Cross-Site Request Forgery to Local JS File Inclusion

The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wpfilemanager page that includes files through the 'lang' parameter. This makes it possible for unauthenticate...

CVSS 8.8 · AI score 8.4 · EPSS 0.10651
Exploits 0 · References 2
CNNVD
added 2024/03/21 12:00 a.m. · 2 views

WordPress Plugin File Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...

CVSS 8.8 · AI score 8.4 · EPSS 0.10651
Exploits 0 · References 3
Positive Technologies
added 2024/03/21 12:00 a.m. · 3 views

PT-2024-18124 · WordPress · File Manager

Name of the Vulnerable Software and Affected Versions: File Manager plugin for WordPress versions up to, and including, 7.2.4. Description: The issue is due to missing or incorrect nonce validation on the wp file manager page that includes files through the lang parameter. This makes it possible f...

CVSS 8.8 · AI score 9.1 · EPSS 0.10651
Exploits 0 · References 11
Patchstack
added 2024/03/21 12:00 a.m. · 8 views

WordPress File Manager Plugin <= 7.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software: File Manager; Type: Plugin; Vulnerable versions: <= 7.2.4; Fixed in: 7.2.5; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-1538; Patch priority: Low; CVSS severity: Low (7.1); PSID: 8e5b8ea35374; Credits: 0xBishop; Required...

CVSS 8.8 · AI score 7 · EPSS 0.10651
Exploits 0 · References 3 · Affected Software 1
Wordfence Blog
added 2024/03/20 3:00 p.m. · 20 views

$601 Bounty Awarded for Interesting Cross-Site Request Forgery to Local JS File Inclusion Vulnerability Patched in File Manager WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 15th, 2024, during our second Bug Bounty Extravaganza...

CVSS 6.8 · AI score 7.7 · EPSS 0.10651
Exploits 0
NVD
added 2024/03/18 9:15 p.m. · 12 views

CVE-2024-2604

A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit...

CVSS 9.8 · AI score 6.5 · EPSS 0.00724
Exploits 0 · References 3
OSV
added 2024/03/18 9:15 p.m. · 5 views

CVE-2024-2604

A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit...

CVSS 9.8 · AI score 5.5 · EPSS 0.00724
Exploits 0 · References 3
Cvelist
added 2024/03/18 9:00 p.m. · 18 views

CVE-2024-2604 SourceCodester File Manager App update-file.php unrestricted upload

A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit...

CVSS 6.5 · AI score 6.7 · EPSS 0.00724
Exploits 0 · References 3
Vulnrichment
added 2024/03/18 9:00 p.m. · 16 views

CVE-2024-2604 SourceCodester File Manager App update-file.php unrestricted upload

A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit...

CVSS 6.5 · AI score 7.1 · EPSS 0.00724
Exploits 0 · References 3
CVE
added 2024/03/18 9:00 p.m. · 71 views

CVE-2024-2604

CVE-2024-2604 affects SourceCodester File Manager App 1.0. The vulnerability is in /endpoint/update-file.php where manipulation of the file parameter enables unrestricted file uploads. Exploitation is remote and the exploit has been disclosed publicly. Affected product is not accompanied by an of...

CVSS 9.8 · AI score 6.5 · EPSS 0.00724
Exploits 0 · References 3 · Affected Software 1