PT-2023-14963 · Tecrail · Tecrail Responsive Filemanager
Name of the Vulnerable Software and Affected Versions: Tecrail Responsive FileManager versions 9.9.5 and below Description: An issue in Tecrail Responsive FileManager allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...
Fedora: Security Advisory for nautilus (FEDORA-2023-f81ad89b81)
The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: nautilus-42.6-1.fc36
Nautilus is the file manager and graphical shell for the GNOME desktop that makes it easy to manage your files and the rest of your system. It allows you to browse directories on local and remote filesystems, preview files and launch applications associated with them. It is also responsible for...
CVE-2022-45542
A reflected XSS was discovered in EyouCMS = 1.6.0, in the FileManager component, in the GET parameter "filename" when editing any file...
EyouCMS Cross-Site Scripting Vulnerability
Zanzan Network Technology EyouCms: Eyou CMS is an open source content management system (CMS) based on ThinkPHP by China Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which originates from the activepath GET parameter of...
Path Traversal - Archiving Files to Zip
Description The Tiny File Manager pack files feature is vulnerable to path traversal, which allows an attacker to access files that reside outside the web document root directory. The vulnerability occurs as the "file" parameter is not sanitized properly, thus allowing a malicious user to input...
Rumpus FTP Web File Manager Cross-Site Request Forgery Vulnerability
Rumpus FTP Web File Manager is a file transfer server. A security vulnerability exists in Rumpus FTP Web File Manager version 9.0.7.1, which originates from a vulnerability that could allow unauthorized operation on behalf of an authenticated user...
Rumpus FTP Web File Manager Cross-Site Request Forgery Vulnerability
Rumpus FTP Web File Manager is a file transfer server. A security vulnerability exists in Rumpus FTP Web File Manager that stems from a privilege escalation vulnerability that could allow privilege escalation...
Rumpus FTP Web File Manager Data Forgery Vulnerability
Rumpus FTP Web File Manager is a file transfer server. A security vulnerability exists in Rumpus FTP Web File Manager version 9.0.7.1, which stems from improper token validation that could allow bypassing authentication...
Rumpus FTP Web File Manager Cross-Site Scripting Vulnerability
Rumpus FTP Web File Manager is a file transfer server. A security vulnerability exists in Rumpus FTP Web File Manager version 9.0.7.1 that originates from a vulnerability that could allow scripts to be inserted into unspecified input fields...
Rumpus FTP Web File Manager Cross-Site Scripting Vulnerability
Rumpus FTP Web File Manager is a file transfer server. A security vulnerability exists in Rumpus FTP Web File Manager version 9.0.7.1, which originates from the presence of Reflected Cross Site Scripting (RXSS) via unspecified vectors...
[SECURITY] Fedora 37 Update: nautilus-43.2-1.fc37
Nautilus is the file manager and graphical shell for the GNOME desktop that makes it easy to manage your files and the rest of your system. It allows you to browse directories on local and remote filesystems, preview files and launch applications associated with them. It is also responsible for...
eXtplorer Cross-Site Scripting Vulnerability
eXtplorer is a PHP-based file manager. A cross-site scripting vulnerability exists in versions prior to eXtplorer 2.1.13, which stems from a problem with some unknown functionality that can lead to cross-site scripting...
Exploit for Path Traversal in Tiny_File_Manager_Project Tiny_File_Manager
CVE-2021-45010 🐍 Contrived Python PoC Exploit for CVE-2021-45...
CVE-2022-46154
Kodexplorer is a Chinese-language web-based file manager and browser-based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...
Input validation
Kodexplorer is a Chinese-language web-based file manager and browser-based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...
CVE-2022-46154
CVE-2022-46154 affects KodExplorer (prior to v4.50). The issue lets unauthenticated users request arbitrary files from the host OS file system due to inadequate access control/path traversal. Impact: access to any files available to the host process. The vulnerability is addressed in version 4.50...
CVE-2022-46154 Arbitrary file access in KodExplorer
Kodexplorer is a Chinese-language web-based file manager and browser-based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...
PT-2022-27771 · Unknown · Kodexplorer
Name of the Vulnerable Software and Affected Versions: Kodexplorer versions prior to 4.50 Description: Kodexplorer is a Chinese language web-based file manager and browser-based code editor. The issue allows unauthenticated users to request arbitrary files from the host OS file system, making any...
CVE-2022-45476
Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload...