CVE-2022-40734

Description

UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022.

References

ExploitIssue TrackingThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics