Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and previous versions allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
onedotoh simple file manager |