VYPR

tinyfilemanager

by GitHub

CVEs (2)

  • CVE-2021-40966MedSep 15, 2021
    risk 0.35cvss 5.4epss 0.01

    A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will…

  • CVE-2022-1000CriMar 17, 2022
    risk 0.00cvss 9.8epss 0.02

    Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7.