Lucene search
K

63 matches found

CVE
CVE
added 2022/11/09 12:0 a.m.99 views

CVE-2022-40797

CVE-2022-40797 affects Roxy Fileman 1.4.6. The vulnerability is a remote code execution via uploading a .phar file, because conf.json’s FORBIDDEN_UPLOADS setting only blocks .php, .php4, and .php5. In some web-server configurations visiting a .phar file can execute the PHP interpreter, enabling a...

9.8CVSS9.6AI score0.02555EPSS
Exploits3References4Affected Software1
NVD
NVD
added 2019/12/16 5:15 p.m.21 views

CVE-2019-19731

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder...

7.5CVSS7.9AI score0.11617EPSS
Exploits5References2
Prion
Prion
added 2019/12/16 5:15 p.m.13 views

Path traversal

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder...

5CVSS7.9AI score0.11617EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2019/12/16 4:26 p.m.24 views

CVE-2019-19731

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder...

7.8AI score0.11617EPSS
Exploits5References2
CVE
CVE
added 2019/12/16 4:26 p.m.62 views

CVE-2019-19731

CVE-2019-19731 affects Roxy Fileman 1.4.5 for .NET. The vulnerability is a path traversal flaw that allows a remote attacker to write uploaded files to arbitrary locations via the RENAMEFILE action. Documents describe that this can enable code execution by uploading a crafted Windows shortcut fil...

7.5CVSS7.8AI score0.11617EPSS
Exploits5References2Affected Software1
CNVD
CNVD
added 2019/12/16 12:0 a.m.5 views

Roxy Fileman Path Traversal Vulnerability (CNVD-2020-03726)

Roxy Fileman is a set of open source file browser for . A path traversal vulnerability exists in Roxy Fileman version 1.4.5 for . The vulnerability stems from a failure of a networked system or product to properly filter special elements in the path of a resource or file. An attacker could use th...

7.5CVSS6.8AI score0.11617EPSS
Exploits5References1
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.124 views

Roxy Fileman 1.4.5 - Directory Traversal

Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE: CVE-2019-19731 Tested on: ASP.NET 4.0.30319 and...

7.5CVSS7.8AI score0.11617EPSS
Exploits5
exploitpack
exploitpack
added 2019/12/16 12:0 a.m.66 views

Roxy Fileman 1.4.5 - Directory Traversal

Roxy Fileman 1.4.5 - Directory Traversal Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE:...

5CVSS0.6AI score0.11617EPSS
Exploits5
0day.today
0day.today
added 2019/12/14 12:0 a.m.454 views

Roxy Fileman 1.4.5 For .NET Directory Traversal Vulnerability

Exploit for php platform in category web applications =========================== Exploit Title: Roxy Fileman 1.4.5 for .NET - Directory Traversal Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net...

0.2AI score0.11617EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/12/13 12:0 a.m.447 views

Roxy Fileman 1.4.5 For .NET Directory Traversal

=========================== Exploit Title: Roxy Fileman 1.4.5 for .NET - Directory Traversal Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE number: CVE-2019-19731 Found: 2019-12-06 Tested on...

0.6AI score0.11617EPSS
Exploits5
CNVD
CNVD
added 2019/12/10 12:0 a.m.4 views

nopCommerce Path Traversal Vulnerability

nopCommerce is an open source e-commerce shopping cart software. roxy Fileman is a free open source file browser for .NET and PHP , can be integrated into the CKEditor and TinyMCE WYSIWYG html editor . Roxy Fileman used in nopCommerce 4.2.0 suffers from . /path traversal vulnerability can be...

9.1CVSS7AI score0.0181EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/10 12:0 a.m.4 views

nopCommerce Cross-Site Request Forgery Vulnerability

nopCommerce is an open source e-commerce shopping cart software. roxy Fileman is a free open source file browser for .NET and PHP , can be integrated into the CKEditor and TinyMCE WYSIWYG html editor . A cross-site request forgery vulnerability exists in Roxy Fileman used in nopCommerce 4.2.0,...

8.8CVSS7AI score0.00513EPSS
Exploits1References1
Prion
Prion
added 2019/04/09 6:29 p.m.14 views

Design/Logic Flaw

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php aka Rename File, createdir.php aka Create Directory, fileslist.php aka Echo File List, and movefile.php aka Move File operations...

7.5CVSS9.5AI score0.01656EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/04/09 6:29 p.m.5 views

CVE-2019-7174

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php aka Rename File, createdir.php aka Create Directory, fileslist.php aka Echo File List, and movefile.php aka Move File operations...

9.8CVSS7.4AI score
Exploits0References1
NVD
NVD
added 2019/04/09 6:29 p.m.17 views

CVE-2019-7174

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php aka Rename File, createdir.php aka Create Directory, fileslist.php aka Echo File List, and movefile.php aka Move File operations...

9.8CVSS9.6AI score0.01656EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/04/09 5:58 p.m.16 views

CVE-2019-7174

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php aka Rename File, createdir.php aka Create Directory, fileslist.php aka Echo File List, and movefile.php aka Move File operations...

9.6AI score0.01656EPSS
Exploits1References1
CVE
CVE
added 2019/04/09 5:58 p.m.53 views

CVE-2019-7174

CVE-2019-7174 pertains to Roxy Fileman 1.4.5, where attackers can trigger the server to perform file-management operations via renamefile.php, createdir.php, fileslist.php, and movefile.php. The affected component is the Fileman web interface; the description notes these endpoints can be executed...

9.8CVSS9.4AI score0.01656EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/03/21 4:0 p.m.3 views

CVE-2018-20525

Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php...

9.1CVSS5.8AI score0.21646EPSS
Exploits7References3
NVD
NVD
added 2019/03/21 4:0 p.m.10 views

CVE-2018-20525

Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php...

9.1CVSS9.2AI score0.21646EPSS
Exploits7References3
NVD
NVD
added 2019/03/21 4:0 p.m.9 views

CVE-2018-20526

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php...

9.8CVSS9.6AI score0.73663EPSS
Exploits4References2
Rows per page
Query Builder