98 matches found
CVE-2018-20791
CVE-2018-20791 affects tecrail Responsive FileManager 9.13.4. The issue is an XSS via a media file upload, caused by mishandling of the media_preview action, allowing an attacker to inject script/HTML through the filename. Connected sources confirm the product/version and the vulnerability class;...
CVE-2018-20792
tecrail Responsive FileManager 9.13.4 contains a path traversal vulnerability in ajax_calls.php (get_file action). Insufficient sanitization of directory traversal characters allows remote attackers to read arbitrary files. The issue is documented across multiple sources (NVD/CVE entries and vend...
CVE-2018-20789
Product : tecrail Responsive FileManager 9.13.4. Vulnerability : path traversal mitigation bypass in the delete_folder action of execute.php, allowing a remote attacker to delete an arbitrary directory. Root cause : bypasses a path traversal check. Impact : arbitrary directory deletion as stated....
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12903)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in tecrail Responsive FileManager version 9.13.4. A remote attacke...
tecrail Responsive FileManager Arbitrary Directory Deletion Vulnerability
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A security vulnerability exists in the 'deletefolder' function of the execute.php file in version 9.13.4...
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12902)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in the 'saveimg' function of the ajaxcalls.php file in version...
tecrail Responsive FileManager Cross-Site Scripting Vulnerability
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A cross-site scripting vulnerability exists in version 9.13.4 of tecrail Responsive FileManager. A remot...
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12901)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in the 'createfile' function of the execute.php file in version...
tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12900)
tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in the 'getfile' function of the ajaxcalls.php file in version...
Responsive FileManager 9.13.4 - Multiple Vulnerabilities
Responsive FileManager 9.13.4 - Multiple Vulnerabilities Date: December 12, 2018 Author: farisv Vendor Homepage: https://www.responsivefilemanager.com/ Vulnerable Package Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.13.4/responsivefilemanager.zip Responsive FileManag...
CVE-2018-18062
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...
CVE-2018-18061
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...
CVE-2018-18061
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...
CVE-2018-18062
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...
Cross site scripting
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...
CVE-2018-18061
Summary (CVE-2018-18061): Tecral/Responsive FileManager 9.8.1 exposes an authentication bypass in its dialog.php, allowing remote attackers to access the file-management interface and perform file upload, edit, and delete actions. Concrete PoC references show that a secretkey parameter can bypass...
CVE-2018-18062
The CVE-2018-18062 entry concerns tecrail Responsive FileManager 9.8.1, specifically a vulnerability in dialog.php that enables reflected XSS. An attacker can craft a URL to cause the hosting site's context to execute arbitrary script/HTML in a victim’s browser, potentially stealing cookie-based ...
Responsive Filemanager Cross-Site Scripting Vulnerability
Responsive FileManager is an open source file manager written in PHP that supports uploading and managing videos, images and other files. A cross-site scripting vulnerability exists in Responsive Filemanager version 9.8.1, which can be exploited by a remote attacker to execute script in a victim'...
Responsive Filemanager Authentication Bypass Vulnerability
Responsive FileManager is an open source file manager written in PHP that supports uploading and managing videos, images and other files. An authentication bypass vulnerability exists in Responsive Filemanager version 9.8.1 that allows an attacker to access the file management interface, which...
Responsive Filemanager 9.8.1 Authentication Bypass
I. VULNERABILITY ------------------------- Responsive Filemanager 9.8.1 Authentication Bypass II. CVE REFERENCE ------------------------- CVE-2018-18061 III. VENDOR ------------------------- https://www.responsivefilemanager.com IV. REFERENCES -------------------------...