← volver
CVE-2019-16790

Remote Code Execution in Tiny File Manager

CVSS 6.5 MEDIUMEPSS 1.2%CWE-78
In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Productos afectados
Tiny File Manager · Tiny File Manager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/prasathmani/tinyfilemanager/commit/9a499734c5084e3c2eb505f100d50baac1793bd8https://github.com/prasathmani/tinyfilemanager/security/advisories/GHSA-w72h-v37j-rrwr