Security Advisory

CVE-2021-40965

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-15 17:11:27

Last updated 2024-08-04 02:59:30

Assigner mitre

State PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.

← Browse all CVEs View on cve.org ↗