VYPR

Libra File Manager

by Libra File Manager

CVEs (2)

  • CVE-2022-0403HigApr 4, 2022
    risk 0.53cvss 8.1epss 0.01

    The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any…

  • CVE-2008-4319Sep 29, 2008
    risk 0.03cvss epss 0.02

    fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query…