Vulnerability CVE-2018-18062


Published: 2018-10-10

Description:
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Vendor: Tecrail
Product: Responsive filemanager 
Version: 9.8.1;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
https://seclists.org/bugtraq/2018/Oct/26

Related CVE
CVE-2018-20795
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php.
CVE-2018-20794
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php.
CVE-2018-20793
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php.
CVE-2018-20792
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php.
CVE-2018-20791
tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action.
CVE-2018-20790
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php.
CVE-2018-20789
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php.
CVE-2018-18867
An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 via the upload.php url parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-15495.

Copyright 2019, cxsecurity.com

 

Back to Top