708 matches found
CVE-2022-45539
EyouCMS = 1.6.0 was discovered to contain a reflected XSS in the FileManager component, in the GET value "activepath", when creating a new file...
CVE-2022-45542
CVE-2022-45542 affects EyouCMS versions prior to or equal to 1.6.0. The vulnerability is a reflected XSS in the FileManager component triggered via the GET parameter filename when editing any file. Root cause is reflected XSS from unsanitized filename input. Impact per sources is a low/none confi...
EyouCMS cross-site scripting vulnerability
Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which originates from the filename GET parameter of t...
CVE-2022-30529
File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...
PT-2022-20160 · Tinymce +1 · Tinymce +1
Name of the Vulnerable Software and Affected Versions: asith-eranga ISIC tour booking versions through the version published on Feb 13th 2018. Description: The issue allows attackers to upload arbitrary files via "/system/application/libs/js/tinymce/plugins/filemanager/dialog.php" and...
GHSA-5M2H-7RF2-RPX6 UniSharp Laravel Filemanager directory traversal vulnerability
UniSharp laravel-filemanager aka Laravel Filemanager with league/flysystem version = 2.0.0...
UniSharp Laravel Filemanager directory traversal vulnerability
UniSharp laravel-filemanager aka Laravel Filemanager with league/flysystem version = 2.0.0...
CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
Directory traversal
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
PT-2022-25496 · League Of Extraordinary Packages +1 · League/Flysystem +1
Name of the Vulnerable Software and Affected Versions: UniSharp laravel-filemanager aka Laravel Filemanager versions prior to 2.6.4; league/flysystem versions prior to 2.0.0. Description: The issue allows download?working_dir=%2F.. directory traversal to read arbitrary files. This has been exploite...
VulnCheck KEV: CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
laravel-filemanager path traversal vulnerability
laravel-filemanager is a file upload/editor for Laravel 5 through 6 and CKEditor / TinyMCE. A path traversal vulnerability exists in versions of laravel-filemanager prior to 2.5.1, which stems from the fact that it allows reading arbitrary files by traversing directories via special URLs...
CVE-2022-40734
Laravel Filemanager (UniSharp) before 2.6.4 is vulnerable to local file inclusion via the download?working_dir=%2F.. parameter, enabling directory traversal to read arbitrary files. The flaw is tied to league/flysystem versions earlier than 2.0.0. In practice, versions up to 2.6.3 may be affected...
CVE-2017-20145
CVE-2017-20145 affects Tecrail Responsive Filemanger up to version 9.10.x. The root cause is a path traversal vulnerability that enables remote access to files. Several connected sources corroborate a critical impact and indicate upgrading to version 9.11.0 as the fix. In at least one reference, ...
CVE-2017-20145 Tecrail Responsive Filemanger path traversal
A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.11.0 is able to address this issu...
Tecrail Responsive Filemanger path traversal vulnerability
Tecrail Responsive Filemanger is a free open source file manager and image manager from Tecrail Italy. A security vulnerability exists in Tecrail Responsive Filemanger version 9.11.0 and earlier versions, which can be exploited by an attacker to copy, cut any file...
PT-2022-8012 · Tecrail · Tecrail Responsive Filemanager
Name of the Vulnerable Software and Affected Versions: Tecrail Responsive Filemanger versions up to 9.10.x. Description: A critical vulnerability was found in Tecrail Responsive Filemanger, allowing for path traversal. The attack can be launched remotely. The issue has been disclosed publicly and...
CVE-2013-1891
In OpenCart 1.4.7 to 1.5.5.1, the anti-traversal code implemented in filemanager.php is ineffective and can be bypassed...