CVE-2025-46002
published 2025-07-18CVE-2025-46002: An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
PriorityP344medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
EPSS
1.60%
72.8th percentile
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| simogeo | filemanager | <= 2.0.0 | — |
| simogeo | filemanager | 0 – 2.5.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Filemanager is vulnerable to Relative Path Traversal through filemanager.php
ghsa·2025-07-18
CVE-2025-46002 [MEDIUM] CWE-23 Filemanager is vulnerable to Relative Path Traversal through filemanager.php
Filemanager is vulnerable to Relative Path Traversal through filemanager.php
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
OSV
Filemanager is vulnerable to Relative Path Traversal through filemanager.php
osv·2025-07-18
CVE-2025-46002 [MEDIUM] Filemanager is vulnerable to Relative Path Traversal through filemanager.php
Filemanager is vulnerable to Relative Path Traversal through filemanager.php
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/simogeo/Filemanagerhttps://github.com/simogeo/Filemanager/releases/tag/v1.7.0https://github.com/simogeo/Filemanager/releases/tag/v1.8.0https://github.com/simogeo/Filemanager/releases/tag/v2.0.0https://github.com/simogeo/Filemanager/releases/tag/v2.1.0https://github.com/simogeo/Filemanager/releases/tag/v2.2.0https://github.com/simogeo/Filemanager/releases/tag/v2.3.0https://github.com/zakumini/CVE-List/blob/main/CVE-2025-46002/CVE-2025-46002.mdhttps://www.exploit-db.com/exploits/38945
2025-07-18
Published