Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tinyfilemanager Project Subscribe
Filtered by product Tinyfilemanager

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40965 1 Tinyfilemanager Project 1 Tinyfilemanager 2021-09-27 9.3 HIGH 8.8 HIGH
A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.