Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
13039.1%CRITICAL

Related CVEs

3
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-65346alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths.CRITICAL9.153.9%Dec 4, 2025
CVE-2025-65345alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation.MEDIUM6.539.5%Dec 3, 2025
CVE-2025-63307alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting (XSS). The application permits user-controlled upload, create, and rename of files to HTML and SVG types and serves those files inline without adequate content-type validation or output sanitization.HIGH8.123.9%Nov 6, 2025