CVE-2019-19659

A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html...

CVE-2019-19660

A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html...

Pandora FMS Remote Code Execution Vulnerability

Pandora FMS is an open source application , used to monitor the site's various activities , it can receive real-time monitoring reports , and sent to your designated mailbox , you can also send via e-mail , SMS . A remote code execution vulnerability exists in Pandora FMS 7.42 and earlier version...

CVE-2019-20050

CVE-2019-20050 affects Pandora FMS ≤ 7.42. A remote code execution exists when an authenticated user creates a folder with a “tricky” name in the filemanager; the exploit requires the php-fileinfo extension to be disabled and the attacker to include shell metacharacters in the content type. This ...

CVE-2013-3960

Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass...

Design/Logic Flaw

Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass...

CVE-2013-3960

Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass...

CVE-2013-3960

Technical details for CVE-2013-3960 are not publicly provided in the supplied documents; available references only reiterate a security bypass in Easytime Studio Easy File Manager 1.1. Monitor for updates.

Concrete CMS: Remote Code Execution (Reverse Shell) - File Manager

Remote Code Execution Reverse Shell - File Manager • Title: concrete5-8.5.2 Remote Code Execution - Reverse Shell • Keyword: crayons • Software : concrete5 • Product Version: 8.5.2 • Vulnerability : Remote Code Execution - Reverse Shell • Vulnerable component: File Manager The attacker needs the...

Tiny File Manager Code Execution Vulnerability

Tiny File Manager is a web-based open source file manager. A security vulnerability exists in Tiny File Manager versions prior to 2.3.9. An attacker can exploit this vulnerability to execute code...

CVE-2019-16790

In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted...

CVE-2019-16790

In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted...

Remote code execution

In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted...

CVE-2019-16790 Remote Code Execution in Tiny File Manager

In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted...

CVE-2019-16790

In Tiny File Manager, versions prior to 2.3.9 are affected by a remote code execution vulnerability exploitable via Upload from URL and Edit/Rename operations. The issue impacts authenticated users, with affected components being the Upload from URL and file-edit/rename paths. Root cause details ...

PT-2019-14833

Name of the Vulnerable Software and Affected Versions Tiny File Manager versions prior to 2.3.9 Description The issue allows for remote code execution through the Upload from URL feature and the Edit/Rename files functionality. It affects only authenticated users. Recommendations For versions pri...

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Vulnerability

Exploit for asp platform in category web applications Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Google Dork: site:..com "Web File Manager" inurl:?login= Shodan Dork: Server: Rumpus Exploit Author: Harshit Shukla, Sudeepto Roy Vendor Homepage:...

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Google Dork: site:..com "Web File Manager" inurl:?login= Shodan Dork: Server: Rumpus Date: 2019-12-14 Exploit Author: Harshit Shukla, Sudeepto R...

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting

Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Google Dork: site:..com "Web File Manager" inurl:?login= Shodan Dork: Server: Rumpus Date: 2019-12-14 Exploit Author: Harshit Shukla, Sudeepto Roy Vendor Homepage: https://www.maxum.com/ Tested On: Windows & Mac...

Rumpus FTP Web File Manager Cross-Site Scripting Vulnerability

Rumpus FTP Web File Manager is a file transfer server. A cross-site scripting vulnerability exists in the login page in Rumpus FTP Web File Manager version 8.2.9.1. The vulnerability stems from a lack of proper validation of client data by the web application. An attacker can exploit this...