CVE-2025-46001

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS

Description

An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

simogeo/Filemanager
simogeo/Filemanager
An open-source file manager released under MIT license. Up-to-date for PHP connector. This package is DEPRECATED. Now, please use RichFileManager available at : https://github.com/servocoder/RichFilemanager.
GitHubGitHub
936
zakumini/CVE-List
zakumini/CVE-List
A public list of CVEs I have discovered and responsibly disclosed.
GitHubGitHub