CVE-2025-46002 | THREATINT

Description

An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.

PUBLISHED Reserved 2025-04-22 | Published 2025-07-18 | Updated 2025-07-18 | Assigner mitre

References

github.com/simogeo/Filemanager

www.exploit-db.com/exploits/38945

github.com/simogeo/Filemanager/releases/tag/v1.7.0

github.com/simogeo/Filemanager/releases/tag/v1.8.0

github.com/simogeo/Filemanager/releases/tag/v2.0.0

github.com/simogeo/Filemanager/releases/tag/v2.1.0

github.com/simogeo/Filemanager/releases/tag/v2.2.0

github.com/simogeo/Filemanager/releases/tag/v2.3.0

github.com/...ist/blob/main/CVE-2025-46002/CVE-2025-46002.md

cve.org (CVE-2025-46002)

nvd.nist.gov (CVE-2025-46002)

Download JSON