63 matches found
CVE-2018-12042
Roxy Fileman 1.4.5 and earlier is vulnerable to a directory traversal flaw in the php/download.php f parameter, allowing access to arbitrary files. The issue is due to improper handling of the f parameter in file download functionality, enabling potential exposure of sensitive server files. Impac...
CVE-2018-12042
Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter...
Roxy Fileman 1.4.5 Cross Site Scripting
=============================================================| | Exploit Title:A Roxy Fileman Cross Site Scripting | | Exploit Author: Ashiyane Digital Security Team | | Vendor Homepage: http://www.roxyfileman.com/ | | Download Link : http://www.roxyfileman.com/download.php?f=1.4.5-php | | Versio...