Vulnerability identifier: #VU36110
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php.
Install update from vendor's website.
Vulnerable software versions
Responsive FileManager: 9.13.4
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?