mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
800 B
800 B
CVE-2020-12102
Description
In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope).
POC
Reference
- https://cyberaz0r.info/2020/04/tiny-file-manager-multiple-vulnerabilities/
- https://github.com/prasathmani/tinyfilemanager/issues/357
Github
No PoCs found on GitHub currently.