QSearchQSearch

CVE-2026-5482

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.ph...

Published: 2026-06-15 · Last updated: 2026-06-15

Severity and scoring

CWE
CWE-434

Description

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution.  This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14.0

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-40772 Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions (10.0 CRITICAL)
  • CVE-2026-39591 Subscriber Arbitrary File Upload in WP-BusinessDirectory <= 4.0.0 versions (9.9 CRITICAL)
  • CVE-2026-39527 Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions (5.4 MEDIUM)
  • CVE-2018-25436 WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated ... (9.8 CRITICAL)
  • CVE-2026-34027 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains insufficient server-side file type validation in the /saf...