CVE-2018-15495

Publication date

2018-08-18 02:00:00

Family

mitre

State

PUBLISHED

Description

/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.