Vulnerabilities > Tiny File Manager Project > Tiny File Manager > 2.4.8

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-25	CVE-2022-45475	Unspecified vulnerability in Tiny File Manager Project Tiny File Manager 2.4.8 Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. network low complexity tiny-file-manager-project	6.5
2022-11-25	CVE-2022-45476	Unrestricted Upload of File with Dangerous Type vulnerability in Tiny File Manager Project Tiny File Manager 2.4.8 Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. network low complexity tiny-file-manager-project CWE-434 critical	9.8
2022-11-25	CVE-2022-23044	Cross-Site Request Forgery (CSRF) vulnerability in Tiny File Manager Project Tiny File Manager 2.4.8 Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. network low complexity tiny-file-manager-project CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.