Browse all 6 CVE security advisories affecting File Manager. AI-powered Chinese analysis, POCs, and references for each vulnerability.
File Manager applications enable users to organize, access, and manipulate files on servers and local systems, serving as essential tools for content management and system administration. Historically, these tools have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure file handling. With six CVEs documented, common flaws include directory traversal flaws and unsafe deserialization that can lead to system compromise. Notable incidents involve authenticated RCE vulnerabilities in popular implementations where insufficient access controls allowed attackers to execute arbitrary commands, highlighting the critical need for input sanitization and least privilege principles in file management operations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-8507 | File Manager Pro <= 8.3.9 - Cross-Site Request Forgery to Arbitrary File Upload — File Manager ProCWE-352 | 8.8 | High | 2024-10-16 |
| CVE-2024-8746 | File Manager Pro <= 8.3.9 - Unauthenticated Backup File Download and Upload — File Manager ProCWE-434 | 7.5 | High | 2024-10-16 |
| CVE-2024-8918 | File Manager Pro <= 8.3.9 - Unauthenticated Limited JavaScript File Upload — File Manager ProCWE-434 | 7.4 | High | 2024-10-16 |
| CVE-2024-7559 | File Manager Pro <= 8.3.7 - Authenticated (Subscriber+) Arbitrary File Upload — File Manager ProCWE-94 | 8.8 | High | 2024-08-23 |
| CVE-2023-7015 | File Manager Pro <= 8.3.4 - Reflected Cross-Site Scripting — File Manager ProCWE-79 | 6.1 | Medium | 2024-03-13 |
| CVE-2023-6846 | File Manager Pro <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Upload — File Manager ProCWE-94 | 8.8 | High | 2024-02-05 |
This page lists every published CVE security advisory associated with File Manager. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.