CVE-2022-45475

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control...

CVE-2022-45476

Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload...

CVE-2022-45475

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control...

Improper access control

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control...

Unrestricted file upload

Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload...

CVE-2022-23044

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF...

CVE-2022-23044

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF...

CVE-2022-23044

CVE-2022-23044 affects Tiny File Manager 2.4.8 and is caused by a CSRF vulnerability that allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. The initial description confirms CSRF as the root cause and unauthenticated access, with prac...

CVE-2022-23044

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF...

CVE-2022-23044

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF...

CVE-2022-45475

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control...

Tiny File Manager 代码问题漏洞

Tiny File Manager is a web-based open source file manager. A code issue vulnerability exists in Tiny File Manager version 2.4.8, which arises from its server-side processing of uploaded files instead of returning files for download, allowing an unauthenticated user to cause access to uploaded fil...

Tiny File Manager 安全漏洞

Tiny File Manager is a web-based open source file manager. A security vulnerability exists in Tiny File Manager version 2.4.8, which originates in its server-side processing of uploaded files instead of returning files for download, which allows unauthenticated users to access uploaded files via...

CVE-2022-45476

Tiny File Manager 2.4.8 is vulnerable to insecure file upload that allows server-side execution of uploaded code. Multiple sources describe unauthenticated remote code execution via processing uploaded files instead of serving them for download, enabling attackers to run arbitrary code on the ser...

CVE-2022-45476

Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload...

CVE-2022-45475

Tiny File Manager 2.4.8 is affected by a broken access control vulnerability that allows an unauthenticated remote attacker to access internal files. The connected documents consistently identify the affected software and the access-control weakness, but do not provide concrete remediation steps ...

PT-2022-15804 · Unknown · Tiny File Manager

Name of the Vulnerable Software and Affected Versions: Tiny File Manager version 2.4.8 Description: The issue allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files...

CVE-2022-45475

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control...

PT-2022-27532 · Unknown · Tiny File Manager

Name of the Vulnerable Software and Affected Versions: Tiny File Manager version 2.4.8 Description: The issue allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to insecure file upload and processes...

CVE-2022-45476

Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload...