Product
tecrail responsive filemanager
21 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2022-44276
CVE-2021-31711
CVE-2022-46604
CVE-2017-20145
CVE-2020-11106
CVE-2020-10567
CVE-2020-10212
CVE-2018-20795
CVE-2018-20794
CVE-2018-20793
CVE-2018-20792
CVE-2018-20791
CVE-2018-20790
CVE-2018-20789
CVE-2018-18867
CVE-2018-18062
CVE-2018-18061
CVE-2018-15536
CVE-2018-15535
CVE-2018-15495
CVE-2018-14728
< 9.12.0
In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE.
<= 9.4.10
Cross Site Scripting vulnerability found in Trippo ResponsiveFilemanager v.9.14.0 and before allows a remote attacker to execute a
<= 9.9.5
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and uplo
<= 9.11.0
A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path
<= 9.14.0
An issue was discovered in Responsive Filemanager through 9.14.0. In the dialog.php page, the session variable $_SESSION['RF']["vi
<= 9.14.0
An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name pa
all versions
upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishan
all versions
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter,
all versions
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversa
all versions
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path tr
all versions
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, t
all versions
tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling o
all versions
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path trav
all versions
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path
all versions
An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 via the upload.php url parameter. NOTE: this issue exists be
all versions
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attacke
all versions
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface tha
< 9.13.4
/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, all
< 9.13.4
/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that shoul
< 9.13.3
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is u
all versions
upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter.