/filemanager/ajax_calls.php in tecrail Responsive FileManager prior to 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tecrail responsive filemanager |