CVE-2019-7174

EUVD-2019-16718
Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
roxyfilemanroxy_fileman
1.4.5
𝑥
= Vulnerable software versions
References
https://alicangonullu.biz/konu/2
https://alicangonullu.biz/konu/2