exploitDog

CVE-2025-46000

Опубликовано: 18 июл. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanager commit c75b914 v.2.5.0 allows attackers to execute arbitrary code via uploading a crafted SVG file.

Ссылки

https://github.com/simogeo/Filemanager
Product
https://github.com/simogeo/Filemanager/commit/c75b914
Patch
https://github.com/zakumini/CVE-List/blob/main/CVE-2025-46000/CVE-2025-46000.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simogeo:filemanager:*:*:*:*:*:*:*:*

Версия до 2.5.0 (включая)

EPSS

Процентиль: 16%

0.00051

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-2hh4-c6pj-8p6j

CVSS3: 6.5

github

7 месяцев назад

An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanager commit c75b914 v.2.5.0 allows attackers to execute arbitrary code via uploading a crafted SVG file.

EPSS

Процентиль: 16%

0.00051

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-94