Описание
In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:prasathmani:tiny_file_manager:2.4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.0069
Низкий
7.7 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.7
github
больше 3 лет назад
In Tiny File Manager 2.4.1, there is a vulnerability in the ajax file backup copy functionality that allows authenticated users to place backup copies of files (with the .bak extension) into different directories.
EPSS
Процентиль: 71%
0.0069
Низкий
7.7 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22