CVE-2017-8297

A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php the sole "Simple PHP File Manager" component...

CVE-2019-19669

A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html...

CVE-2019-19661

A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp...

CVE-2011-4825

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...

CVE-2013-3960

Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass...

CVE-2003-1539

Cross-site scripting XSS vulnerability in ONEdotOH Simple File Manager SFM before 0.21 allows remote attackers to inject arbitrary web script or HTML via 1 file names and 2 directory names...

CVE-2002-1815

Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. dot dot in the URL...

CVE-2002-1926

Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP query string...

CVE-2024-13914 File Manager Advanced Shortcode <= Multiple Versions - Authenticated (Administrator+) Local JavaScript File Inclusion via Shortcode

The File Manager Advanced Shortcode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.4 file-manager-advanced-shortcode and 2.5.6 advanced-file-manager-pro-premium, via the 'filemanageradvanced' shortcode. This makes it possible for authenticated...

CVE-2024-13914

Summary: CVE-2024-13914 affects the WordPress plugins File Manager Advanced Shortcode (versions up to 2.5.4) and advanced-file-manager-pro-premium (2.5.6). It is a Local File Inclusion vulnerability exploitable via the file_manager_advanced shortcode, enabling authenticated administrators (and hi...

WordPress plugin File Manager Advanced Shortcode 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...

PT-2025-21264 · WordPress · Advanced-File-Manager-Pro-Premium +1

Name of the Vulnerable Software and Affected Versions: File Manager Advanced Shortcode WordPress plugin versions up to, and including, 2.5.4 advanced-file-manager-pro-premium versions up to, and including, 2.5.6 Description: The issue allows authenticated attackers with Administrator-level access...

WordPress Advanced File Manager plugin missing license vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in the WordPress Advanced File Manager plugin that stems from a lack of authorization and can be exploited by an attacker to modify...

CVE-2025-47688

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a through = 5.3.1...

CVE-2025-47688

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a through = 5.3.1...

CVE-2025-47688

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1...

CVE-2025-47688 WordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a through = 5.3.1...

CVE-2025-47688

CVE-2025-47688 concerns the WordPress Advanced File Manager plugin (

CVE-2025-47688 WordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1...

PT-2025-20229 · Unknown · Advanced File Manager

Name of the Vulnerable Software and Affected Versions: Advanced File Manager versions through 5.3.1 Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For versions...