mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-03 04:38:03 +02:00
0xMarcio
811 B
811 B
CVE-2020-12102
Description
In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope).
POC
Reference
- https://cyberaz0r.info/2020/04/tiny-file-manager-multiple-vulnerabilities/
- https://github.com/prasathmani/tinyfilemanager/issues/357
Github
No PoCs found on GitHub currently.