Vulnerabilities

CVE-2025-15138 - prasathmani TinyFileManager tinyfilemanager.php path traversal

2025-12-28 0 views admin

CVE ID : CVE-2025-15138 Published : Dec. 28, 2025, 2:16 p.m. | 1 hour, 19 minutes ago Description : A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15138

Severity

MEDIUM

Published

Dec. 28, 2025

Affected Product: php

Impact: path traversal

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15138mediumphp

CVE-2025-15138 - prasathmani TinyFileManager tinyfilemanager.php path traversal

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15139 - TRENDnet TEW-822DRE formWsc sub_43ACF4 command injection

CVE-2025-15141 - Halo Configuration actuator information disclosure

CVE-2025-15140 - saiftheboss7 onlinemcqexam quesadd.php sql injection

CVE-2025-15134 - yourmaileyes MOOC Submission MainController.java subreview cross site scripting

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting