Vulnerabilities > Tecrail > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-02 | CVE-2022-46604 | Unrestricted Upload of File with Dangerous Type vulnerability in Tecrail Responsive Filemanager An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution. | 8.8 |
| 2020-03-07 | CVE-2020-10212 | Server-Side Request Forgery (SSRF) vulnerability in Tecrail Responsive Filemanager 9.13.4/9.14.0 upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. | 7.5 |
| 2018-08-03 | CVE-2018-14728 | Server-Side Request Forgery (SSRF) vulnerability in Tecrail Responsive Filemanager 9.13.1 upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter. | 7.5 |