tinyfilemanager
by GitHub
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40966 | Med | 0.35 | 5.4 | 0.01 | Sep 15, 2021 | A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will… | ||
| CVE-2022-1000 | Cri | 0.00 | 9.8 | 0.02 | Mar 17, 2022 | Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7. |
- risk 0.35cvss 5.4epss 0.01
A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will…
- risk 0.00cvss 9.8epss 0.02
Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7.