Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file manager project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24538
Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the act...
Golang Go
2 Github repositories
NA
CVE-2023-1302
A vulnerability, which was classified as problematic, was found in SourceCodester File Tracker Manager System 1.0. This affects an unknown part of the file normal/borrow1.php. The manipulation of the argument id with the input 1"><script>alert(1111)</script> l...
File Tracker Manager System Project File Tracker Management System 1.0
NA
CVE-2023-1294
A vulnerability was found in SourceCodester File Tracker Manager System 1.0. It has been classified as critical. Affected is an unknown function of the file /file_manager/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql inj...
File Tracker Manager System Project File Tracker Management System 1.0
NA
CVE-2022-41723
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Golang Go
Golang Go 1.20.0
Golang Http2
Golang Hpack
2 Github repositories
NA
CVE-2022-41724
Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly...
Golang Go
Golang Go 1.20.0
NA
CVE-2022-41725
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package wi...
Golang Go
Golang Go 1.20.0
NA
CVE-2022-45475
Tiny File Manager version 2.4.8 allows an unauthenticated remote malicious user to access the application's internal files. This is possible because the application is vulnerable to broken access control.
Tiny File Manager Project Tiny File Manager 2.4.8
NA
CVE-2022-45476
Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.
Tiny File Manager Project Tiny File Manager 2.4.8
NA
CVE-2022-23044
Tiny File Manager version 2.4.8 allows an unauthenticated remote malicious user to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF.
Tiny File Manager Project Tiny File Manager 2.4.8
NA
CVE-2022-40304
An issue exists in libxml2 prior to 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Xmlsoft Libxml2
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Snapmanager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »