Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2022-11-25T00:00:00
Updated: 2024-08-03T14:17:03.575Z
Reserved: 2022-11-18T00:00:00
Link: CVE-2022-45476
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-11-25T18:15:11.630
Modified: 2024-11-21T07:29:19.130
Link: CVE-2022-45476
Redhat
No data.