Filtered by vendor Media File Manager Project
Subscriptions
Filtered by product Media File Manager
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19043 | 1 Media File Manager Project | 1 Media File Manager | 2024-08-05 | N/A |
| The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI. | ||||
| CVE-2018-19041 | 1 Media File Manager Project | 1 Media File Manager | 2024-08-05 | N/A |
| The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. | ||||
| CVE-2018-19042 | 1 Media File Manager Project | 1 Media File Manager | 2024-08-05 | N/A |
| The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI. | ||||
| CVE-2018-19040 | 1 Media File Manager Project | 1 Media File Manager | 2024-08-05 | N/A |
| The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. | ||||
Page 1 of 1.