CVE-2022-23044

Description from NVD

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.

Information Acquisition Date:2022-11-26T14:50Z
CVSS 2.0: 0.0 None CVSS 3.x: 0.0 None

NVD References

 https://fluidattacks.com/advisories/mosey/
     source:MISC
     tags:
 https://github.com/prasathmani/tinyfilemanager/
     source:MISC
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:



List of frequently cited URLs

URLNum of Times Referred to
https://bit.ly/3i2cpoR4

▼ Show Information from Twitter(35)


List of frequently cited URLs

URLNum of Times Referred to
bit.ly4

▼ Show Information from Twitter(35)


GitHub Search Results: Up to 10
NameURL
No Data

GitHub Search Results: Up to 10
NameURL
No Data

2022/12/01 Score : 0
Added Har-sia Database : 2022/11/25
Last Modified : 2022/12/01
Highest Scored Date : 2022/11/26
Highest Score : 16