Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-45010 PoC — Tiny File Manager路径遍历漏洞

Source
https://github.com/Syd-SydneyJr/CVE-2021-45010
Associated Vulnerability
Title:Tiny File Manager路径遍历漏洞 (CVE-2021-45010)
Description:Tiny File Manager是一款基于Web的开源文件管理器。 Tiny File Manager 2.4.1中的tinyfilemanager.php文件上传功能存在路径遍历漏洞,该漏洞允许远程攻击者使用有效用户账户上传恶意PHP文件到webroot并在目标服务器上实现代码执行。
Readme
# CVE-2021-45010

Exploit Title: Tiny File Manager 2.4.6 (Authenticated) Remote Code Execution Date: 04 Mar 2023 Exploit Author: Syd Software Link: https://github.com/prasathmani/tinyfilemanager Version: Tiny File Manager <= 2.4.3 Tested on: Parrot OS 20.04 CVE : CVE-2021-45010 Reference: https://febin0x4e4a.wordpress.com/2022/01/23/tiny-file-manager-authenticated-rce/

My first Exploit Code. All critique is appreciated and welcome.
File Snapshot

 [4.0K]  /data/pocs/ef2a4da3b70a014dc70e79c446820ff83ba8346c
├── [3.1K]  CVE-2021-45010.py
└── [ 437]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.