mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 18:42:46 +00:00
1.7 KiB
1.7 KiB
CVE-2021-45010
Description
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
POC
Reference
- http://packetstormsecurity.com/files/166330/Tiny-File-Manager-2.4.6-Shell-Upload.html
- https://febin0x4e4a.wordpress.com/2022/01/23/tiny-file-manager-authenticated-rce/
- https://github.com/febinrev/tinyfilemanager-2.4.3-exploit/raw/main/exploit.sh
- https://raw.githubusercontent.com/febinrev/tinyfilemanager-2.4.6-exploit/main/exploit.sh
- https://sploitus.com/exploit?id=1337DAY-ID-37364&utm_source=rss&utm_medium=rss
Github
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/BKreisel/CVE-2021-45010
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/Syd-SydneyJr/CVE-2021-45010
- https://github.com/Syd-SydneyJr/Exploits
- https://github.com/WhooAmii/POC_to_review
- https://github.com/febinrev/CVE-2021-45010-TinyFileManager-Exploit
- https://github.com/febinrev/tinyfilemanager-2.4.3-exploit
- https://github.com/febinrev/tinyfilemanager-2.4.6-exploit
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
- https://github.com/trhacknon/Pocingit
- https://github.com/zecool/cve