67 matches found
TinyFileManager 跨站脚本漏洞
TinyFileManager is a web-based file manager used to store, upload, edit and manage files and folders online via a web browser. It is used to store, upload, edit and manage files and folders online via a Web browser. A cross-site scripting vulnerability exists in TinyFileManager 2.4.6 and all...
TinyFileManager 跨站请求伪造漏洞
TinyFileManager is a web-based file manager. A cross-site request forgery vulnerability exists in TinyFileManager 2.4.6 and all versions below, which can be exploited by attackers to upload files and run operating system commands by tricking Administrator users into browsing an attacker-controlle...
TinyFileManager 路径遍历漏洞
TinyFileManager is a web-based file manager used to store, upload, edit and manage files and folders online via a web browser. A path traversal vulnerability exists in TinyFileManager 2.4.6 and all versions below, which stems from the software's lack of validation and escaping of the fullpath...
PT-2021-23021
Name of the Vulnerable Software and Affected Versions TinyFileManager versions up to and including 2.4.6 Description A Stored XSS issue exists in TinyFileManager when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious...
Server-Side Request Forgery (SSRF) in prasathmani/tinyfilemanager
✍️ Description SSRF to access internal server 🕵️♂️ Proof of Concept 1. goto http://localhost/tinyfilemanager/index.php?p=&upload and put internal serveer address and see it will fetch that file Video Poc https://drive.google.com/file/d/1dsTqvuQbGN619Gdncze4tuIH7MsonliT/view?usp=sharing 💥 Impact...
Cross-site Scripting (XSS) - Generic in prasathmani/tinyfilemanager
✍️ Description Crss site scripting bug exist via file upload 🕵️♂️ Proof of Concept 1. Upload a file and capture the request in burpsuite . 2. Now change fullpath parameter value to xss payload in burpsuite and forward the request . and see xss is executed Video poc...
Cross-site Scripting (XSS) - Generic in prasathmani/tinyfilemanager
:book: Description TinyFileManager is web based file manager and it is a simple, fast and small file manager with a single file, multi-language ready web application for storing, uploading, editing and managing files and folders online via web browser. The Application runs on PHP 5.5+, It allows...