Security Advisory

CVE-2025-65346

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 00:00:00

Last updated 2025-12-05 19:55:59

Assigner mitre

State PUBLISHED

Description

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths.

← Browse all CVEs View on cve.org ↗