Trippo
Products
1- 8 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50807 | Med | 0.40 | 6.1 | 0.00 | Jan 10, 2025 | Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting (XSS) via file upload using the svg and pdf extensions. | ||
| CVE-2018-20790 | 0.00 | — | 0.01 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php. | |||
| CVE-2018-20791 | 0.00 | — | 0.00 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action. | |||
| CVE-2018-20789 | 0.00 | — | 0.01 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php. | |||
| CVE-2018-20795 | 0.00 | — | 0.01 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php. | |||
| CVE-2018-20793 | 0.00 | — | 0.01 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php. | |||
| CVE-2018-20794 | 0.00 | — | 0.01 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php. | |||
| CVE-2018-20792 | 0.00 | — | 0.01 | Feb 25, 2019 | tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php. |
- risk 0.40cvss 6.1epss 0.00
Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting (XSS) via file upload using the svg and pdf extensions.
- CVE-2018-20790Feb 25, 2019risk 0.00cvss —epss 0.01
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php.
- CVE-2018-20791Feb 25, 2019risk 0.00cvss —epss 0.00
tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action.
- CVE-2018-20789Feb 25, 2019risk 0.00cvss —epss 0.01
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php.
- CVE-2018-20795Feb 25, 2019risk 0.00cvss —epss 0.01
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php.
- CVE-2018-20793Feb 25, 2019risk 0.00cvss —epss 0.01
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php.
- CVE-2018-20794Feb 25, 2019risk 0.00cvss —epss 0.01
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php.
- CVE-2018-20792Feb 25, 2019risk 0.00cvss —epss 0.01
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php.