5 matches found

Prion
added 2020/03/07 12:15 a.m. | 25 views

Design/Logic Flaw

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...

CVSS 7.5 | AI score 9.4 | EPSS 0.76511
Exploits 6 | References 1 | Affected Software 1
CVE
added 2020/03/06 11:30 p.m. | 181 views

CVE-2020-10212

CVE-2020-10212 concerns Responsive FileManager. The vulnerability is an SSRF in upload.php via the url parameter, affecting 9.13.4 and 9.14.0, with the issue rooted in how file-extension blocking is handled and DNS hostnames resolving to internal IPs; this is noted as a consequence of an incomple...

CVSS 9.8 | AI score 9.3 | EPSS 0.0148
Exploits 1 | References 1 | Affected Software 1
NVD
added 2018/08/03 6:29 p.m. | 18 views

CVE-2018-14728

upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter...

CVSS 9.8 | AI score 9.5 | EPSS 0.76511
Exploits 5 | References 2
CVE
added 2018/08/03 6:0 p.m. | 103 views

CVE-2018-14728

CVE-2018-14728 affects Responsive FileManager 9.13.1 where the upload.php endpoint allows a server‑side request forgery (SSRF) via the parameter. The issue is documented in multiple sources (NVD entry for CVE‑2018‑14728 and the Nuclei template) and is classified as high/critical impact (NS: netw...

CVSS 9.8 | AI score 9.2 | EPSS 0.76511
Exploits 5 | References 2 | Affected Software 1
Exploit DB
added 2018/07/30 12:0 a.m. | 34 views

Responsive Filemanager 9.13.1 - Server-Side Request Forgery

Exploit Title: Responsive filemanager 9.13.1 - Server-Side Request Forgery Date: 2018-07-29 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: http://responsivefilemanager.com/ Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.13.1/responsivefilemanager.zip...

CVSS 9.8 | AI score 9.8 | EPSS 0.76511
Exploits 5