onedotoh simple_file_manager CVE Vulnerabilities (3)

CVEs: 3 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting onedotoh simple_file_manager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2006-6376 Multiple directory traversal vulnerabilities in fm.php in Simple File Manager (SFM) 0.24a allow remote attackers to use ".." sequences to (1) read arbitrary files via the filename parameter in a download action, (2) delete arbitrary files via the delete parameter, and (3) modify arbitrary files via the edit parameter, which can be leveraged to execute arbitrary code. [email protected] 7.5 3.99% 2006-12-07 2026-06-16
CVE-2006-3160 Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. [email protected] 2.6 1.27% 2006-06-22 2026-06-16
CVE-2003-1539 Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. [email protected] 4.3 1.08% 2003-12-31 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence