febinrev/tinyfilemanager-2.4.3-exploit

febinrev/tinyfilemanager-2.4.3-exploit

GitHubGitHub
GitHubgithub.com
Releases0
Stars13
A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project's Tiny File Manager <= 2.4.6 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2021-45010
8.8 HIGH6.5 MEDIUM

A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.