Simogeo Filemanager vulnerabilities
3 known vulnerabilities affecting simogeo/filemanager.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-46001P2CRITICALCVSS 9.8≥ 0.8, ≤ 1.1≥ 1.5.0, ≤ 2.0.02025-07-18
CVE-2025-46001 [CRITICAL] CWE-434 CVE-2025-46001: An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0
An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
nvd
CVE-2025-46002P3MEDIUMCVSS 6.5≤ 2.0.02025-07-18
CVE-2025-46002 [MEDIUM] CWE-23 CVE-2025-46002: An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sendi
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
ghsanvdosv
CVE-2025-46000P3MEDIUMCVSS 6.5≤ 2.5.02025-07-18
CVE-2025-46000 [MEDIUM] CWE-94 CVE-2025-46000: An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanage
An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanager commit c75b914 v.2.5.0 allows attackers to execute arbitrary code via uploading a crafted SVG file.
nvd