Roxy Fileman 1.4.5 - Unrestricted File Upload

Roxy Fileman 1.4.5 is susceptible to unrestricted file upload via upload.php. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. id: CVE-2018-20526 info: name: Roxy Fileman 1.4.5 -...

EUVD-2019-16718

Malware in sbrugna...

EUVD-2018-13417

Malware in sbrugna...

EUVD-2017-9552

Malware in sbrugna...

EUVD-2018-4025

Malware in sbrugna...

EUVD-2022-44063

Malicious code in bioql PyPI...

Vulnerability of the main and fileman modules of the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to configuration and executable files

Vulnerability of the main and fileman modules of the 1C-Bitrix website management system: Website management involves insecure handling of privileges. Exploiting this vulnerability can allow an attacker to gain unauthorized access to configuration and executable files...

Vulnerability of the main and fileman modules of the 1C-Bitrix website management system: Website management that allows a hacker to gain unauthorized access to protected information beyond the web directory

Vulnerability of the main and fileman modules of the CMS system: Website management is related to vulnerabilities in path name restrictions for directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information beyond the web directory...

VulnCheck KEV: CVE-2018-20526

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php...

CVE-2022-40797

Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDENUPLOADS value in conf.json only blocks .php, .php4, and .php5 files. Visiting any .phar file invokes the PHP interpreter in some realistic web-server configurations...

CVE-2018-20525

Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php...

CVE-2018-12042

Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter...

CVE-2019-25105

A vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. Thi...

CVE-2018-20526

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php...

Roxy Fileman 1.4.5 - Arbitrary File Upload

Exploit Title: Roxy Fileman 1.4.5 - Arbitrary File Upload Date: 09/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20190317053437/http://roxyfileman.com/download.php?f=1.4.5-net Version: = 1.4.5 Tested on: Window...

Roxy Fileman 1.4.5 - Arbitrary File Upload Vulnerability

Exploit Title: Roxy Fileman 1.4.5 - Arbitrary File Upload Exploit Author: Zer0FauLT email protected Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20190317053437/http://roxyfileman.com/download.php?f=1.4.5-net Version: = 1.4.5 Tested on: Windows 10 and Windows Server...

PT-2023-11363 · Dro.Pm · Dro.Pm

Name of the Vulnerable Software and Affected Versions: dro.pm affected versions not specified Description: A problematic issue was found in dro.pm, affecting an unknown part of the file web/fileman.php. The manipulation of the secret/key argument leads to cross-site scripting. It is possible to...

dro.pm 跨站脚本漏洞

dro.pm is an application by Luc Gommans personal developer. Used to remove links, text and files for easy sharing A cross-site scripting vulnerability exists in previous versions of dro.pm fa73c3a42bc5c246a1b8f815699ea241aef154bb, which stems from a security issue in the unknown section of the fi...

Roxy Fileman 1.4.6 Remote Shell Upload Exploit

Exploit Title: Roxy Fileman Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20210126213412/https://roxyfileman.com/download.php?f=1.4.6-php Version: \t\n' banner += '\t\t\t\t\t\t\n' banner += '\n' parser = OptionParser parser.addoption"-u", "--url", dest="url", help="u...

Roxy Fileman 1.4.6 Remote Shell Upload

Exploit Title: Roxy Fileman Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20210126213412/https://roxyfileman.com/download.php?f=1.4.6-php Version: \t\n' banner += '\t\t\t\t\t\t\n' banner += '\n' parser = OptionParser parser.addoption"-u", "--url", dest="url", help="u...