In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-04-28T21:07:28

Updated: 2024-08-04T11:48:58.008Z

Reserved: 2020-04-23T00:00:00

Link: CVE-2020-12103

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-04-28T22:15:12.780

Modified: 2024-11-21T04:59:15.060

Link: CVE-2020-12103

cve-icon Redhat

No data.