Tecrail Responsive Filemanager*

4 matches found

CVE, added 2018/08/24 7:0 p.m., 101 views

CVE-2018-15535

The CVE-2018-15535 issue affects tecrail Responsive FileManager prior to 9.13.4. An attacker can abuse filemanager/ajax_calls.php to construct a file path using external input and insufficient neutralization of “..” sequences, enabling Directory Traversal/Local File Inclusion. Impact described ac...

CVSS 7.5, AI score 6.1, EPSS 0.45242
Web
CVE, added 2023/06/28 12:0 a.m., 75 views

CVE-2022-44276

CVE-2022-44276 affects Responsive Filemanager prior to 9.12.0. The vulnerability allows bypassing upload restrictions in the file upload workflow, enabling remote code execution (RCE). Technical details from the PoC show exploitation via manipulated filenames and MIME-check logic (e.g., fix_filen...

CVSS 9.8, AI score 9.4, EPSS 0.02302
Web
CVE, added 2018/08/24 7:0 p.m., 72 views

CVE-2018-15536

CVE-2018-15536 affects tecrail Responsive FileManager prior to 9.13.4. The /filemanager/ajax_calls.php file does not properly validate file paths in archives, permitting a crafted archive extraction that overwrites arbitrary files (directory traversal). Public disclosures and exploits reference p...

CVSS 5.8, AI score 5.8, EPSS 0.0641
Web
CVE, added 2018/08/18 2:0 a.m., 42 views

CVE-2018-15495

CVE-2018-15495 affects Responsive FileManager prior to 9.13.3. The vulnerability allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, demonstrated by file:///etc/passwd. Several connected records (OSV and related entries) note that a fix existed but ...

CVSS 7.5, AI score 7.8, EPSS 0.02373
Web