VYPR
Vendor

Alexusmai

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2025-56399HigOct 28, 2025
    risk 0.57cvss 8.8epss 0.01

    alexusmai laravel-file-manager 3.3.1 and before allows an authenticated attacker to achieve Remote Code Execution (RCE) through a crafted file upload. A file with a '.png` extension containing PHP code can be uploaded via the file manager interface. Although the upload appears…

  • CVE-2019-25673HigApr 5, 2026
    risk 0.50cvss 8.8epss 0.00

    UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to…

  • CVE-2025-65346Dec 4, 2025
    risk 0.00cvss epss 0.01

    alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths.

  • CVE-2025-65345Dec 3, 2025
    risk 0.00cvss epss 0.01

    alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation.

  • CVE-2025-63307Nov 6, 2025
    risk 0.00cvss epss 0.00

    alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting (XSS). The application permits user-controlled upload, create, and rename of files to HTML and SVG types and serves those files inline without adequate content-type validation or output sanitization.

  • CVE-2021-23814Dec 17, 2021
    risk 0.00cvss epss 0.02

    This affects versions of the package unisharp/laravel-filemanager before 2.6.2. The upload() function does not sufficiently validate the file type when uploading. An attacker may be able to reproduce the following steps: 1. Install a package with a web Laravel application. 2.…