A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project's Tiny File Manager <= 2.4.6 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.
CVE-2021-45010 Tiny File Manager-243 exploit A Path traversal vulnerability in the file upload functionality in tinyfilemanagerphp in Tiny File Manager Project's Tiny File Manager <= 246 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server