Filemanager

filemanager

Vendor: Simogeo • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-46000 1Simogeo 1Filemanager Oct 14, 2025 Jul 18, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanager commit c75b914 v.2.5.0 allows attackers to execute arbitrary code via uploading a crafted SVG file.
CVE-2025-46002 1Simogeo 1Filemanager Oct 14, 2025 Jul 18, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
CVE-2025-46001 1Simogeo 1Filemanager Oct 14, 2025 Jul 18, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.