Main Vulnerability Database Exploits ID:6163 - Exploit for Path traversal in Responsive FileManager - CVE-2018-15536

ID:6163 - Exploit for Path traversal in Responsive FileManager - CVE-2018-15536

Published: June 17, 2021

Vulnerability identifier: #VU31226

Vulnerability risk: Low

CVE-ID: CVE-2018-15536

CWE-ID: CWE-22

Exploitation vector: Local access

Vulnerable software:
Responsive FileManager

Link to public exploit:

https://www.exploit-db.com/exploits/45271/

Vulnerability description

The vulnerability allows a local authenticated user to manipulate data.

/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal.

Remediation

Install update from vendor's website.

ID:6163 - Exploit for Path traversal in Responsive FileManager - CVE-2018-15536

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human