724 matches found
Path traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the getfile action in ajaxcalls.php...
CVE-2018-20793
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths0 path traversal mitigation bypass, through the createfile action in execute.php...
CVE-2018-20790
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths0 path traversal mitigation bypass through the deletefile action in execute.php...
CVE-2018-20794
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file jpg/jpeg/png via path traversal with the path parameter, through the saveimg action in ajaxcalls.php...
CVE-2018-20792
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the getfile action in ajaxcalls.php...
CVE-2018-20795
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copycut action in ajaxcalls.php and the pasteclipboard action in execute.php...
CVE-2018-20794
CVE-2018-20794 affects tecrail Responsive FileManager (version 9.13.4). The flaw is a path traversal in the save_img action of ajax_calls.php, enabling remote attackers to write to arbitrary image files (jpg/jpeg/png). The issue originates from how the path parameter is handled, allowing modifica...
CVE-2018-20790
The CVE-2018-20790 entry affects tecrail Responsive FileManager 9.13.4. A path traversal vulnerability exists in the delete_file action within execute.php, where a paths[0] traversal mitigation can be bypassed, enabling remote attackers to delete arbitrary files. This is initiated via the delete_...
CVE-2018-20795
CVE-2018-20795 affects tecrail Responsive FileManager 9.13.4. The vulnerability is a path traversal in file access that lets remote attackers read arbitrary files via a path parameter. Specifically, the issue is triggered through the copy_cut action in ajax_calls.php and the paste_clipboard actio...
CVE-2018-20793
The CVE-2018-20793 entry concerns tecrail Responsive FileManager version 9.13.4. A path traversal mitigation bypass in the create_file action of execute.php allows remote attackers to write arbitrary files, due to improper handling of paths[0]. This is a remote, unauthenticated vulnerability with...
CVE-2018-20791
CVE-2018-20791 affects tecrail Responsive FileManager 9.13.4. The issue is an XSS via a media file upload, caused by mishandling of the media_preview action, allowing an attacker to inject script/HTML through the filename. Connected sources confirm the product/version and the vulnerability class;...
CVE-2018-20795
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copycut action in ajaxcalls.php and the pasteclipboard action in execute.php...
CVE-2018-20790
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths0 path traversal mitigation bypass through the deletefile action in execute.php...
CVE-2018-20789
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths0 path traversal mitigation bypass through the deletefolder action in execute.php...
CVE-2018-20792
tecrail Responsive FileManager 9.13.4 contains a path traversal vulnerability in ajax_calls.php (get_file action). Insufficient sanitization of directory traversal characters allows remote attackers to read arbitrary files. The issue is documented across multiple sources (NVD/CVE entries and vend...
CVE-2018-20789
Product : tecrail Responsive FileManager 9.13.4. Vulnerability : path traversal mitigation bypass in the delete_folder action of execute.php, allowing a remote attacker to delete an arbitrary directory. Root cause : bypasses a path traversal check. Impact : arbitrary directory deletion as stated....
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12903)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in tecrail Responsive FileManager version 9.13.4. A remote attacke...
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12902)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in the 'saveimg' function of the ajaxcalls.php file in version...
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12898)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in the 'deletefile' function of the execute.php file in version...
tecrail Responsive FileManager Arbitrary Directory Deletion Vulnerability
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A security vulnerability exists in the 'deletefolder' function of the execute.php file in version 9.13.4...