/filemanager/upload.php in Responsive FileManager prior to 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tecrail responsive filemanager |