Vulnerabilities > Roxyfileman

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk | Score |
|---|---|---|---|---|---|---|---|---|---|
| 2022-11-09 | CVE-2022-40797 | Unrestricted Upload of File with Dangerous Type vulnerability in Roxyfileman Roxy Fileman 1.4.6 | Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. | network | low | roxyfileman | CWE-434 | critical | 9.8 |
| 2019-12-16 | CVE-2019-19731 | Path Traversal vulnerability in Roxyfileman Roxy Fileman 1.4.5 | Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. | network | low | roxyfileman | CWE-22 | | 7.5 |
| 2019-04-09 | CVE-2019-7174 | Unspecified vulnerability in Roxyfileman Roxy Fileman 1.4.5 | Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations. | network | low | roxyfileman | | critical | 9.8 |
| 2019-03-21 | CVE-2018-20526 | Unrestricted Upload of File with Dangerous Type vulnerability in Roxyfileman Roxy Fileman 1.4.5 | Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php. | network | low | roxyfileman | CWE-434 | critical | 9.8 |
| 2019-03-21 | CVE-2018-20525 | Path Traversal vulnerability in Roxyfileman Roxy Fileman 1.4.5 | Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php. | network | low | roxyfileman | CWE-22 | critical | 9.1 |
| 2018-06-07 | CVE-2018-12042 | Path Traversal vulnerability in Roxyfileman Roxy Fileman | Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter. | network | low | roxyfileman | CWE-22 | | 7.5 |