3137 matches found
alexusmai laravel-file-manager is vulnerable to Directory Traversal
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
GHSA-RR44-8J7R-JG2Q alexusmai laravel-file-manager is vulnerable to Directory Traversal
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
CVE-2025-65345
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
CVE-2025-65345
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
CVE-2025-65345
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
PT-2025-48994
Name of the Vulnerable Software and Affected Versions alexusmai laravel-file-manager versions 3.3.1 and below Description The laravel-file-manager software contains a flaw related to directory traversal. The zip/archiving functionality does not properly validate paths, allowing an attacker to...
CVE-2025-65345
CVE-2025-65345 affects alexusmai laravel-file-manager up to version 3.3.1. The issue is a directory traversal vulnerability in the zip/archiving feature caused by improper path validation, enabling archives to contain files outside the intended scope. Connected sources corroborate the description...
CVE-2025-65345
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
alexusmai laravel-file-manager is vulnerable to Directory Traversal
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...
Laravel File Manager 安全漏洞
Laravel File Manager is a Laravel file manager by Aleksandr Manekin Personal Developer. A security vulnerability exists in Laravel File Manager 3.3.1 and earlier versions, which stems from a directory traversal in the zip archive feature that could lead to arbitrary file manipulation...
Exploit for CVE-2025-65345
CVE-2025-65345 – Authenticated Path Traversal From Zip Functio...
WordPress Frontend File Manager Plugin Insecure Direct Object Reference Vulnerability
WordPress Frontend File Manager Plugin is a plugin that allows users to upload, manage and share files through a frontend interface that supports secure storage and permission control. WordPress Frontend File Manager Plugin suffers from an insecure direct object reference vulnerability that stems...
CVE-2025-13382
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
CVE-2025-13382
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
CVE-2025-13382 Frontend File Manager Plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
EUVD-2025-199571
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
CVE-2025-13382
The CVE concerns the WordPress Frontend File Manager Plugin (versions up to 23.4). It is vulnerable to Insecure Direct Object Reference because the plugin does not validate file ownership before processing file rename requests via the REST endpoint /wpfm/v1/file-rename. This allows an authenticat...
WordPress Frontend File Manager plugin plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary File Renaming vulnerability discovered by t.t.brothers in WordPress Plugin Frontend File Manager versions = 23.4...
New RadzaRat Spyware Poses as File Manager to Hijack Android Devices
Certo Software found RadzaRat, an Android RAT disguised as a file manager that has a 0/66 detection rate on VirusTotal. It keylogs passwords and steals files...
CVE-2025-63994
An arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager v2.7.6 allows attackers to execute arbitrary code via uploading a crafted file...