CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

50 matches found

Vulnrichment•added 2026/06/15 11:44 a.m.•7 views

CVE-2026-5482 Remote Code Execution via Unrestricted File Upload in Responsive FileManager

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...

9.3CVSS5.4AI score0.00445EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-3464

Malware in sbrugna...

6.1CVSS6.3AI score0.00906EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-5787

Malware in sbrugna...

6.1CVSS6.4AI score0.01028EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•8 views

EUVD-2017-16632

Malware in sbrugna...

5.3CVSS5.5AI score0.0072EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 4:59 p.m.•7 views

CVE-2020-11106

An issue was discovered in Responsive Filemanager through 9.14.0. In the dialog.php page, the session variable $SESSION'RF'"viewtype" wasn't sanitized if it was already set. This made stored XSS possible if one opens ajaxcalls.php and uses the "view" action and places a payload in the type...

6.1CVSS5.7AI score0.00906EPSS

Exploits1References1

NVD•added 2024/03/22 3:15 a.m.•8 views

CVE-2024-26557

Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter...

5.4CVSS5.7AI score0.00343EPSS

Exploits1References1

Vulnrichment•added 2024/03/22 12:0 a.m.•10 views

CVE-2024-26557

Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter...

5.9AI score0.00343EPSS

Exploits1References1

CVE•added 2024/03/22 12:0 a.m.•60 views

CVE-2024-26557

CVE-2024-26557 affects Codiad v2.8.4 and is a reflected XSS in the parameter type of the endpoint components/market/dialog.php. The root cause is likely unsanitized or insufficiently validated user input in the type parameter, enabling reflected script execution in the web UI. Documented impact i...

5.4CVSS5.8AI score0.00343EPSS

Exploits1References1Affected Software1

Cvelist•added 2024/03/22 12:0 a.m.•15 views

CVE-2024-26557

Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter...

5.8AI score0.00343EPSS

Exploits1References1

Prion•added 2023/05/09 4:15 p.m.•10 views

Cross site scripting

Cross Site Scripting vulnerability found in Trippo ResponsiveFilemanager v.9.14.0 and before allows a remote attacker to execute arbitrary code via the sortby parameter in the dialog.php file...

4.9CVSS5.8AI score0.00491EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/05/09 12:0 a.m.•18 views

CVE-2021-31711

Cross Site Scripting vulnerability found in Trippo ResponsiveFilemanager v.9.14.0 and before allows a remote attacker to execute arbitrary code via the sortby parameter in the dialog.php file...

6AI score0.00491EPSS

Exploits1References1

CNNVD•added 2023/05/09 12:0 a.m.•2 views

ResponsiveFilemanager 跨站脚本漏洞

ResponsiveFilemanager is a fully responsive file manager. A security vulnerability exists in ResponsiveFilemanager v.9.14.0 and earlier versions, which stems from a cross-site scripting vulnerability that allows remote attackers to execute arbitrary code via the sortby parameter in the dialog.php...

5.4CVSS6AI score0.00491EPSS

Exploits1References3

Prion•added 2022/11/22 1:15 a.m.•9 views

Unrestricted file upload

File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...

5.8CVSS7AI score0.00953EPSS

Exploits1References2Affected Software1

NVD•added 2020/03/30 10:15 p.m.•9 views

CVE-2020-11106

6.1CVSS6AI score0.00906EPSS

Exploits1References1

Prion•added 2020/03/30 10:15 p.m.•15 views

Cross site scripting

4.3CVSS5.8AI score0.00906EPSS

Exploits1References1Affected Software1

OSV•added 2018/10/10 9:29 p.m.•1 views

CVE-2018-18062

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS5.9AI score0.00813EPSS

Exploits3References1

NVD•added 2018/10/10 9:29 p.m.•25 views

CVE-2018-18062

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6AI score0.00813EPSS

Exploits3References1

Prion•added 2018/10/10 9:29 p.m.•17 views

Design/Logic Flaw

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...

6.4CVSS7.5AI score0.0091EPSS

Exploits3References1Affected Software1

Prion•added 2018/10/10 9:29 p.m.•16 views

Cross site scripting

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...

4.3CVSS6AI score0.00813EPSS

Exploits3References1Affected Software1

Cvelist•added 2018/10/10 9:0 p.m.•32 views

CVE-2018-18061

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...

7.5AI score0.0091EPSS

Exploits3References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by