Vulnerabilities > Media File Manager Project

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-31	CVE-2018-19043	Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI. network low complexity media-file-manager-project CWE-22	5.3
2019-01-31	CVE-2018-19042	Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI. network low complexity media-file-manager-project CWE-22	5.3
2019-01-31	CVE-2018-19041	Cross-site Scripting vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. network low complexity media-file-manager-project CWE-79	6.1
2019-01-31	CVE-2018-19040	Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. network low complexity media-file-manager-project CWE-22	5.3

Vulnerabilities > Media File Manager Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Media File Manager Project"}]}

Vulnerabilities > Media File Manager Project