CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10567

An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF data, and the .php extension is used in the name parameter. (A potential fast patch is to disable the save_img action in the config file.)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.211

EPSS Ranking 95.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-10567

Tecrail » Responsive Filemanager » Version: N/A

cpe:2.3:a:tecrail:responsive_filemanager:-
Tecrail » Responsive Filemanager » Version: .9.10.1

cpe:2.3:a:tecrail:responsive_filemanager:.9.10.1
Tecrail » Responsive Filemanager » Version: .9.14.0

cpe:2.3:a:tecrail:responsive_filemanager:.9.14.0
Tecrail » Responsive Filemanager » Version: 9.10.0

cpe:2.3:a:tecrail:responsive_filemanager:9.10.0
Tecrail » Responsive Filemanager » Version: 9.10.1

cpe:2.3:a:tecrail:responsive_filemanager:9.10.1
Tecrail » Responsive Filemanager » Version: 9.10.2

cpe:2.3:a:tecrail:responsive_filemanager:9.10.2
Tecrail » Responsive Filemanager » Version: 9.11.0

cpe:2.3:a:tecrail:responsive_filemanager:9.11.0
Tecrail » Responsive Filemanager » Version: 9.11.3

cpe:2.3:a:tecrail:responsive_filemanager:9.11.3
Tecrail » Responsive Filemanager » Version: 9.12.0

cpe:2.3:a:tecrail:responsive_filemanager:9.12.0
Tecrail » Responsive Filemanager » Version: 9.12.1

cpe:2.3:a:tecrail:responsive_filemanager:9.12.1
Tecrail » Responsive Filemanager » Version: 9.12.2

cpe:2.3:a:tecrail:responsive_filemanager:9.12.2
Tecrail » Responsive Filemanager » Version: 9.13.0

cpe:2.3:a:tecrail:responsive_filemanager:9.13.0
Tecrail » Responsive Filemanager » Version: 9.13.1

cpe:2.3:a:tecrail:responsive_filemanager:9.13.1
Tecrail » Responsive Filemanager » Version: 9.13.3

cpe:2.3:a:tecrail:responsive_filemanager:9.13.3
Tecrail » Responsive Filemanager » Version: 9.13.4

cpe:2.3:a:tecrail:responsive_filemanager:9.13.4
Tecrail » Responsive Filemanager » Version: 9.14.0

cpe:2.3:a:tecrail:responsive_filemanager:9.14.0
Tecrail » Responsive Filemanager » Version: 9.6.0

cpe:2.3:a:tecrail:responsive_filemanager:9.6.0
Tecrail » Responsive Filemanager » Version: 9.7.2

cpe:2.3:a:tecrail:responsive_filemanager:9.7.2
Tecrail » Responsive Filemanager » Version: 9.7.3

cpe:2.3:a:tecrail:responsive_filemanager:9.7.3
Tecrail » Responsive Filemanager » Version: 9.8

cpe:2.3:a:tecrail:responsive_filemanager:9.8
Tecrail » Responsive Filemanager » Version: 9.8.1

cpe:2.3:a:tecrail:responsive_filemanager:9.8.1
Tecrail » Responsive Filemanager » Version: 9.9.0

cpe:2.3:a:tecrail:responsive_filemanager:9.9.0
Tecrail » Responsive Filemanager » Version: 9.9.1

cpe:2.3:a:tecrail:responsive_filemanager:9.9.1
Tecrail » Responsive Filemanager » Version: 9.9.2

cpe:2.3:a:tecrail:responsive_filemanager:9.9.2
Tecrail » Responsive Filemanager » Version: 9.9.3

cpe:2.3:a:tecrail:responsive_filemanager:9.9.3
Tecrail » Responsive Filemanager » Version: 9.9.4

cpe:2.3:a:tecrail:responsive_filemanager:9.9.4
Tecrail » Responsive Filemanager » Version: 9.9.5

cpe:2.3:a:tecrail:responsive_filemanager:9.9.5
Tecrail » Responsive Filemanager » Version: 9.9.6

cpe:2.3:a:tecrail:responsive_filemanager:9.9.6
Tecrail » Responsive Filemanager » Version: 9.9.7

cpe:2.3:a:tecrail:responsive_filemanager:9.9.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10567

Products

Pricing

Contact Us