Arbitrary Code Injection through ONEdotOH Simple File Manager (SFM)

Arbitrary Code Injection through ONEdotOH Simple File Manager (SFM)

CVE-2003-1539 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

Learn more about our Web App Pen Testing.