Published: 21/03/2019 Updated: 13/05/2022

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 645

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
roxyfileman roxy fileman 1.4.5

====================================================================== Exploit Title:: Multiple Vulnerabilities Software: Roxy Fileman Version: 145 Vendor Homepage: wwwroxyfilemancom/ Software Link: wwwroxyfilemancom/downloadphp?f=145-php CVE number: CVE-2018-20525, CVE-2018-20526 Found: 2018-12-07 Tested on: PHP 70, Ubuntu ...

Roxy File Manager version 145 proof of concept exploit for a PHP file upload restriction bypass vulnerability ...

Roxy Fileman version 145 suffers from remote file upload and directory traversal vulnerabilities ...

CWE-22 https://www.exploit-db.com/exploits/46085/http://packetstormsecurity.com/files/151033/Roxy-Fileman-1.4.5-File-Upload-Directory-Traversal.html http://packetstormsecurity.com/files/166585/Roxy-File-Manager-1.4.5-PHP-File-Upload-Restriction-Bypass.html https://nvd.nist.gov https://www.exploit-db.com/exploits/46085

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-20525

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect