Published: 15/03/2022 Updated: 21/03/2022

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 580

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tiny file manager project tiny file manager

A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project's Tiny File Manager <= 2.4.6 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.

CVE-2021-45010 Tiny File Manager-243 exploit A Path traversal vulnerability in the file upload functionality in tinyfilemanagerphp in Tiny File Manager Project's Tiny File Manager <= 246 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server

A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager <= 2.4.3 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.

CVE-2021-45010 CVE-2021-45010: A Path traversal vulnerability in the file upload functionality in tinyfilemanagerphp in Tiny File Manager Project’s Tiny File Manager <= 243 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server

Tiny FIle Manager <= 2.4.3 Authenticated RCE exploit

CVE-2021-45010 TIny File Manager Authenticated RCE POC Exploit Tiny FIle Manager <= 246 Authenticated RCE exploit By FEBIN /exploitsh <URL> <Admin Username> <Password> Example: /exploitsh filesubuntulocal/indexphp admin "admin@123"

🐍 Python Exploit for CVE-2021-45010

CVE-2021-45010 🐍 Contrived Python PoC Exploit for CVE-2021-45010 Tiny File Manager < 247 Usage usage: mainpy [-h] -u URL -l USERNAME -p PASSWORD [-g GUI_PATH] [-r FS_RELPATH] options: -h, --help show this help message and exit -u URL, --url URL Base URL -l USERNAME, --username USERNAME Username -p PASSWORD, --passwor

CVE-2021-45010 Exploit Title: Tiny File Manager 246 (Authenticated) Remote Code Execution Date: 04 Mar 2023 Exploit Author: Syd Software Link: githubcom/prasathmani/tinyfilemanager Version: Tiny File Manager <= 243 Tested on: Parrot OS 2004 CVE : CVE-2021-45010 Reference: febin0x4e4awordpresscom/2022/01/23/tiny-file-manager-authenticated-rce/ My f

Collection of exploits on various CVE.

Exploits Collection of exploits on various CVE Exploit Title: Tiny File Manager 246 (Authenticated) Remote Code Execution Date: 04 Mar 2023 Exploit Author: Syd Software Link: githubcom/prasathmani/tinyfilemanager Version: Tiny File Manager <= 243 Tested on: Parrot OS 2004 CVE : CVE-2021-45010 Reference: febin0x4e4awordpresscom/2022/01/23/tiny-fil

CWE-22 https://github.com/prasathmani/tinyfilemanager/commit/2046bbde72ed76af0cfdcae082de629bcc4b44c7 https://github.com/prasathmani/tinyfilemanager/pull/636 https://raw.githubusercontent.com/febinrev/tinyfilemanager-2.4.6-exploit/main/exploit.sh https://github.com/prasathmani/tinyfilemanager/pull/636/files/a93fc321a3c89fdb9bee860bf6df5d89083298d1 https://sploitus.com/exploit?id=1337DAY-ID-37364&utm_source=rss&utm_medium=rss https://github.com/febinrev/tinyfilemanager-2.4.3-exploit/raw/main/exploit.sh https://febin0x4e4a.wordpress.com/2022/01/23/tiny-file-manager-authenticated-rce/http://packetstormsecurity.com/files/166330/Tiny-File-Manager-2.4.6-Shell-Upload.html https://nvd.nist.gov https://github.com/febinrev/tinyfilemanager-2.4.3-exploit

CVE-2021-45010

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect