Vulnerabilities

CVE-2021-40965

by Fred · 15/09/2021

A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.

Date published : 2021-09-15

https://gist.github.com/omriinbar/953368dcdd9e5eeefd83920166099528

https://github.com/prasathmani/tinyfilemanager

Similar

Tags: Cybersecurity Alert