-
-
Save omriinbar/953368dcdd9e5eeefd83920166099528 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE-2021-40964 | |
| Vulnerable Product Version: All versions up to and including 2.4.6 | |
| Vulnerability Type: Relative Path Traversal (CWE-23) | |
| Description: A Path Traversal vulnerability exists in TinyFileManager all versions up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ..\) in order to escape the server's intended working directory and write malicious files onto any directory on the computer. | |
| CVE-2021-40965 | |
| Vulnerable Product Version: All versions up to and including 2.4.6 | |
| Vulnerability Type: Cross-Site Request Forgery (CWE-352) | |
| Description: A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all versions up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker. | |
| CVE-2021-40966 | |
| Vulnerable Product Version: All versions up to and including 2.4.6 | |
| Vulnerability Type: Stored XSS (CWE-79) | |
| Description: A Stored XSS exists in TinyFileManager All versions up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will run on any user browser when they access the server. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment