VYPR
Moderate severityNVD Advisory· Published Sep 14, 2022· Updated Aug 3, 2024

CVE-2022-40734

CVE-2022-40734

Description

UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
unisharp/laravel-filemanagerPackagist
< 2.6.42.6.4

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.