Lucene search

3137 matches found

NVD
added 2025/01/31 4:15 p.m. · 11 views

CVE-2024-53537

An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager...

9.1 CVSS · 0.0222 EPSS
Exploits: 3 · References: 2

OSV
added 2025/01/31 4:15 p.m. · 3 views

CVE-2024-53537

An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager...

9.1 CVSS · 7.4 AI score · 0.0222 EPSS
Exploits: 3 · References: 2

Positive Technologies
added 2025/01/31 12:00 a.m. · 8 views

PT-2025-2970 · Openpanel · Openpanel

Name of the Vulnerable Software and Affected Versions: OpenPanel version 0.3.4
Description: An issue in the Copy and View functions of the File Manager component allows attackers to execute a directory traversal via a crafted HTTP request.
Recommendations: For OpenPanel version 0.3.4, consider...

7.5 CVSS · 9 AI score · 0.03067 EPSS
Exploits: 5 · References: 7

Vulnrichment
added 2025/01/31 12:00 a.m. · 5 views

CVE-2024-53582

An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request...

6.7 AI score · 0.03067 EPSS
Exploits: 5 · References: 2

CVE
added 2025/01/31 12:00 a.m. · 716 views

CVE-2024-53582

CVE-2024-53582 affects OpenPanel v0.3.4, where the Copy and View functions in the File Manager are vulnerable to directory traversal via crafted HTTP requests. The root cause is a directory traversal flaw in the File Manager’s Copy and View endpoints, enabling an attacker to access filesystem pat...

7.5 CVSS · 6.8 AI score · 0.03067 EPSS
Exploits: 5 · References: 2 · Affected Software: 1

Cvelist
added 2025/01/31 12:00 a.m. · 11 views

CVE-2024-53537

An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager...

0.0222 EPSS
Exploits: 3 · References: 2

Vulnrichment
added 2025/01/31 12:00 a.m. · 4 views

CVE-2024-53537

An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager...

6.8 AI score · 0.0222 EPSS
Exploits: 3 · References: 2

Cvelist
added 2025/01/31 12:00 a.m. · 14 views

CVE-2024-53582

An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request...

0.03067 EPSS
Exploits: 5 · References: 2

CVE
added 2025/01/31 12:00 a.m. · 75 views

CVE-2024-53537

OpenPanel vulnerability CVE-2024-53537 affects the OpenPanel web hosting panel (File Manager) with directory traversal in File Actions of the File Manager. Affected versions range from v0.2.1 up to v0.3.4; the root cause is improper handling of file actions that enables traversal to acc...

9.1 CVSS · 6.8 AI score · 0.0222 EPSS
Exploits: 3 · References: 2 · Affected Software: 1

CNNVD
added 2025/01/31 12:00 a.m. · 2 views

OpenPanel Security Vulnerability

OpenPanel is a web hosting panel from OpenPanel, Inc. A security vulnerability exists in OpenPanel v0.3.4, which originates in the File Manager component of OpenPanel, and can be exploited to access and view a directory traversal operation by constructing a malicious HTTP request and utilizing th...

9.1 CVSS · 8.9 AI score · 0.0222 EPSS
Exploits: 3 · References: 3

CNNVD
added 2025/01/31 12:00 a.m. · 4 views

OpenPanel Security Vulnerability

OpenPanel is a web hosting panel from OpenPanel, Inc. A security vulnerability exists in OpenPanel version v0.3.4, which is caused by a directory traversal vulnerability in the Copy and View functions of the File Manager component...

7.5 CVSS · 8.9 AI score · 0.03067 EPSS
Exploits: 5 · References: 4

0day.today
added 2025/01/30 12:00 a.m. · 311 views

OpenPanel 0.3.4 Directory Traversal Vulnerability

Exploit Title: OpenPanel 0.3.4 - Directory Traversal in Copy Function of File Manager
Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee
Vendor Homepage: https://openpanel.com/
Software Link: https://openpanel.com/
Version: 0.3.4
Tested on: macOS
CVE: CVE-2024-53582
POST...

9.1 CVSS · 6.6 AI score · 0.03067 EPSS
Exploits: 6

OSV
added 2025/01/24 4:15 p.m. · 2 views

CVE-2024-25034

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attac...

8.8 CVSS · 5.8 AI score · 0.00377 EPSS
Exploits: 0 · References: 1

CNNVD
added 2025/01/24 12:00 a.m. · 4 views

IBM Planning Analytics Code Issue Vulnerability

IBM Planning Analytics is a suite of business planning analytics solutions from International Business Machines (IBM). The solution supports automated execution of processes such as business planning, budgeting and analysis. A file upload vulnerability exists in IBM Planning Analytics that stems fr...

8.8 CVSS · 7.4 AI score · 0.00377 EPSS
Exploits: 0 · References: 1

CNNVD
added 2025/01/21 12:00 a.m. · 2 views

YesWiki Path Traversal Vulnerability

YesWiki is a wiki system written in PHP by the French organization YesWiki. It is used to create and manage websites in a collaborative manner. A path traversal vulnerability exists in YesWiki 4.4.5 and earlier versions, which stems from a file manager that allows an authenticated user to delete...

7.1 CVSS · 6.5 AI score · 0.00568 EPSS
Exploits: 1 · References: 3

OSV
added 2025/01/17 6:15 a.m. · 2 views

CVE-2024-13333

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload...

7.5 CVSS · 7.9 AI score
Exploits: 0 · References: 3

Vulnrichment
added 2025/01/17 5:29 a.m. · 5 views

CVE-2024-13333 Advanced File Manager 5.2.12 - 5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload...

7.5 CVSS · 7.8 AI score · 0.00879 EPSS
Exploits: 0 · References: 3

CVE
added 2025/01/17 5:29 a.m. · 48 views

CVE-2024-13333

CVE-2024-13333 affects the WordPress plugin Advanced File Manager (versions 5.2.12–5.2.13). It enables authenticated users with Subscriber-level access (and any admin-granted upload permission) to upload arbitrary files due to missing file type validation in fma_local_file_system, with exploitati...

7.5 CVSS · 7.8 AI score · 0.00879 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2025/01/17 5:29 a.m. · 18 views

CVE-2024-13333 Advanced File Manager 5.2.12 - 5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload...

7.5 CVSS · 0.00879 EPSS
Exploits: 0 · References: 3

CNNVD
added 2025/01/17 12:00 a.m. · 5 views

WordPress plugin Advanced File Manager Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists i...

7.5 CVSS · 8.4 AI score · 0.00879 EPSS
Exploits: 0 · References: 4