724 matches found
CVE-2024-50807
Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting XSS via file upload using the svg and pdf extensions...
CVE-2024-50807
Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting XSS via file upload using the svg and pdf extensions...
CVE-2024-50807
CVE-2024-50807 affects Trippo Responsive Filemanager 9.14.0. The issue is a Cross Site Scripting (XSS) vulnerability triggered by uploading files with the extensions svg or pdf. The available sources indicate the flaw resides in the file upload handling, enabling script execution under certain co...
CVE-2024-50807
Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting XSS via file upload using the svg and pdf extensions...
Responsive FileManager 安全漏洞
Responsive FileManager is a free open source file manager from the individual developer Alberto Peripolli. A security vulnerability exists in Responsive FileManager version 9.14.0, which stems from file uploads using svg and pdf extensions and is vulnerable to cross-site scripting attacks...
PT-2025-2889 · Unknown · Trippo Responsivefilemanager
Name of the Vulnerable Software and Affected Versions: Trippo Responsive Filemanager version 9.14.0 Description: The issue is related to Cross Site Scripting XSS via file upload using the svg and pdf extensions. This occurs when files with these extensions are uploaded, potentially allowing...
UniSharp Laravel Filemanager Code Injection vulnerability
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
GHSA-6569-3785-R3V6 UniSharp Laravel Filemanager Code Injection vulnerability
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
The CVE-2024-21546 entry specifies a Laravel Filemanager (unisharp/laravel-filemanager) vulnerability: versions before 2.9.1 are susceptible to Remote Code Execution (RCE) via a crafted request that uses a valid mimetype and inserts a dot after the PHP file extension, enabling execution of arbitr...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
laravel-filemanager 代码注入漏洞
laravel-filemanager is an open source tool from UniSharp. A security vulnerability exists in laravel-filemanager versions prior to 2.9.1 that stems from vulnerability to remote code execution attacks and allows attackers to execute malicious code...
Remote Code Execution (RCE)
backpack/filemanager is vulnerable to Remote Code Execution. The vulnerability is due to improper handling of untrusted data during deserialization from the mimes parameter, allows an attacker to execute remote code on the affected system...
CVE-2024-11210
A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated remotely. The exploit has...
GHSA-8237-957H-H2C2 FileManager Deserialization of Untrusted Data vulnerability
Impact Deserialization of untrusted data from the mimes parameter could lead to remote code execution. Patches Fixed in 3.0.9 Workarounds Not needed, a composer update will solve it in a non-breaking way. References Reported responsibly Vladislav Gladkiy at Positive Technologies...
FileManager Deserialization of Untrusted Data vulnerability
Impact Deserialization of untrusted data from the mimes parameter could lead to remote code execution. Patches Fixed in 3.0.9 Workarounds Not needed, a composer update will solve it in a non-breaking way. References Reported responsibly Vladislav Gladkiy at Positive Technologies...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the mimes parameter. Details Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse...
CVE-2024-52306
FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9...