PT-2025-26593 · Innoshop · Innoshop

Name of the Vulnerable Software and Affected Versions: Innoshop versions 0.4.1 and earlier Description: The issue allows directory traversal via FileManager API endpoints, such as "/api/file manager/files?base folder=", "/api/file manager/directories", "/api/file manager/copy files", and "/api/fi...

CVE-2025-52922

Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the admin panel could abuse this to: 1 fully map the filesystem structure via the /api/filemanager/files?basefolder= endpoint, 2 create arbitrary directories on the server via...

VulnCheck KEV: CVE-2022-46604

An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...

CVE-2024-52306

FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9...

CVE-2022-46604

An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...

CVE-2022-45542

EyouCMS = 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file...

CVE-2022-44276

In Responsive Filemanager 9.12.0, an attacker can bypass upload restrictions resulting in RCE...

CVE-2022-40734

UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...

CVE-2022-45539

EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...

CVE-2020-10567

An issue was discovered in Responsive Filemanager through 9.14.0. In the ajaxcalls.php file in the saveimg action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF...

CVE-2020-27387

An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload which will receiv...

CVE-2020-11106

An issue was discovered in Responsive Filemanager through 9.14.0. In the dialog.php page, the session variable $SESSION'RF'"viewtype" wasn't sanitized if it was already set. This made stored XSS possible if one opens ajaxcalls.php and uses the "view" action and places a payload in the type...

CVE-2017-20145

A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.11.0 is able to address this issu...

CVE-2003-1460

Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information...

Arbitrary Code Injection

Overview unisharp/laravel-filemanager is an A file upload/editor intended for use with Laravel 5 to 6 and CKEditor / TinyMCE. Affected versions of this package are vulnerable to Arbitrary Code Injection through using a valid mimetype and inserting the . character after the php file extension. Thi...

Exploit for CVE-2024-21546

CVE-2024-21546 Python Exploit 🔥 Description This Python ex...

CVE-2024-50807

Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting XSS via file upload using the svg and pdf extensions...

CVE-2024-21546

Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal which allows an authenticated user to delete files on the server via the filemanager process. Details A Directory Traversal attack also known as path traversal aims to access files and directories that are stored...

GHSA-43C9-GW4X-PCX6 Authenticated arbitrary file deletion in YesWiki

Authenticated arbitrary file deletion in YesWiki fmRestore; $this-fmShowtrue, $isAction; break; case 'erase': $this-fmErase; $this-fmShowtrue, $isAction; break; case 'del': $this-fmDelete; $this-fmShowfalse, $isAction; break; case 'trash': $this-fmShowtrue, $isAction; break; case 'emptytrash':...