📦 Tiny File Manager

CVE-2022-40916 is a session fixation vulnerability in Tiny File Manager v2.4.7 and below that allows attackers to hijack user sessions by fixing session IDs before authentication. This affects all use...

This path traversal vulnerability in tinyfilemanager allows attackers to access files outside the intended directory by manipulating file paths. It affects all users running tinyfilemanager versions p...

This is an authenticated path traversal vulnerability in Tiny File Manager that allows users with valid accounts to upload malicious PHP files to the webroot directory. Successful exploitation leads t...

This CSRF vulnerability in TinyFileManager allows attackers to trick authenticated administrators into executing malicious requests, leading to arbitrary file uploads and remote code execution. All ve...

This vulnerability in TinyFileManager allows attackers to perform path traversal attacks by manipulating the 'fullpath' parameter in tinyfilemanager.php. This could enable unauthorized file access or ...

CVE-2022-40490 is a Cross-Site Scripting (XSS) vulnerability in Tiny File Manager v2.4.7 and below that allows attackers to execute arbitrary JavaScript code by injecting malicious payloads into file ...