4 matches found
Tiny File Manager 2.4.6 Shell Upload
Exploit Title: Tiny File Manager 2.4.6 - Remote Code Execution RCE Date: 14/03/2022 Exploit Author: FEBIN MON SAJI Software Link: https://github.com/prasathmani/tinyfilemanager Version: Tiny File Manager Example: $0 http://files.ubuntu.local/index.php admin "admin@123" " log-in URL=$1 admin=$2...
Tiny File Manager 2.4.6 - Remote Code Execution Exploit
Exploit Title: Tiny File Manager 2.4.6 - Remote Code Execution RCE Exploit Author: FEBIN MON SAJI Software Link: https://github.com/prasathmani/tinyfilemanager Version: Tiny File Manager Example: $0 http://files.ubuntu.local/index.php admin "email protected" " log-in URL=$1 admin=$2 pass=$3...
CVE-2021-40964
creationtimestamp| type| source ---|---|--- 2021-09-15 22:22:19+00:00| seen| https://t.me/cibsecurity/28945 2025-06-20 05:32:52+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/41172 2025-06-20 09:00:05+00:00| published-proof-of-concept|...
CVE-2021-40964
CVE-2021-40964 concerns TinyFileManager up to version 2.4.6, where a path traversal flaw in the fullpath parameter allows uploading files outside the intended working directory. The root cause is inadequate validation/escaping of fullpath, enabling an attacker to place malicious files in arbitrar...