2 matches found
CVE-2018-20795
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copycut action in ajaxcalls.php and the pasteclipboard action in execute.php...
CVE-2018-20790
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths0 path traversal mitigation bypass through the deletefile action in execute.php...