Medium severity4.8NVD Advisory· Published Feb 6, 2025· Updated Jun 17, 2026
CVE-2022-40490
CVE-2022-40490
Description
Tiny File Manager v2.4.7 and below was discovered to contain a Cross Site Scripting (XSS) vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the name of an uploaded or already existing file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Tiny File Manager/Tiny File Managerdescription
- Range: <=2.4.7
Patches
Vulnerability mechanics
References
1- github.com/whitej3rry/CVE-2022-40490/blob/main/PoC.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.