Vulnerabilities > CVE-2022-45475 - Unspecified vulnerability in Tiny File Manager Project Tiny File Manager 2.4.8

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

tiny-file-manager-project

NVD

Published: 2022-11-25

Updated: 2024-11-21

Summary

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control.

Vulnerable Configurations

Part	Description	Count
Application	Tiny_File_Manager_Project Tiny File Manager Project Tiny File Manager 2.4.8	1

References

https://fluidattacks.com/advisories/mosey/
https://fluidattacks.com/advisories/mosey/
https://github.com/prasathmani/tinyfilemanager/
https://github.com/prasathmani/tinyfilemanager/