| عنوان | github.com/prasathmani tinyfilemanager 2.6 Path Traversal |
|---|
| الوصف | A path traversal vulnerability in the mass delete handler allows an authenticated non-readonly user to delete arbitrary files outside the application's root directory by supplying traversal sequences in the file[] POST parameter, allow Delete any file readable by the web server process outside the managed directory
|
|---|
| المصدر | ⚠️ https://drive.google.com/file/d/14taA8w3e5z3gl4WttpB4_CquwQdz1i6r/view?usp=sharing |
|---|
| المستخدم | 0xNayel (UID 80926) |
|---|
| ارسال | 25/03/2026 07:08 AM (1 شهر منذ) |
|---|
| الاعتدال | 17/04/2026 10:39 AM (23 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 358039 [prasathmani TinyFileManager حتى 2.6 POST Parameter /filemanager.php file[] اجتياز الدليل] |
|---|
| النقاط | 19 |
|---|