Roxy Fileman 代码问题漏洞

Roxy Fileman is an open source file browser for . A code issue exists in Roxy Fileman version 1.4.6, which stems from a default FORBIDDENUPLOADS value in conf.json that only blocks .php, .php4, and .php5 files, and can be exploited to execute remote code via a .phar upload...

PT-2022-25541 · Unknown · Roxy Fileman

Name of the Vulnerable Software and Affected Versions: Roxy Fileman version 1.4.6 Description: The issue allows Remote Code Execution via a .phar upload. This is because the default FORBIDDEN UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. In some web-server configurations,...

Roxy Fileman 1.4.4 - Arbitrary File Upload

Exploit for php platform in category web applications Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link:...

Roxy Fileman 1.4.4 - Arbitrary File Upload

Roxy Fileman 1.4.4 - Arbitrary File Upload Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link:...

Roxy Fileman 1.4.4 - Arbitrary File Upload

Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.4-php Version: 1.4.4 Tested on:...

Roxy File Manager 1.4.4 Shell Upload

Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.4-php Version: 1.4.4 Tested on:...