What is CVE-2019-25673?

CVE-2019-25673 is a high-severity vulnerability in Unisharp Laravel File Manager, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 8.8/10. Published 2026-04-05.

How severe is CVE-2019-25673?

High severity. CVSS v3 base score is 8.8 out of 10.

Arbitrary file upload in Unisharp Laravel File Manager

CVE-2019-25673

UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload P…

Vulnerability class: Unrestricted File Upload

EPSS: 0.001 (23.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Unisharp Laravel File Manager — versions 2.0.0

Weakness classification (CWE)

CWE-434 — Unrestricted Upload of File with Dangerous Type

References

ExploitDB-46389 (exploit)
Official Product Homepage (product)
Source Code Repository (product)
VulnCheck Advisory: UniSharp Laravel File Manager v2.0.0-alpha7 Arbitrary File Upload (third-party-advisory)

Frequently asked questions

What is CVE-2019-25673?: CVE-2019-25673 is a high-severity vulnerability in Unisharp Laravel File Manager, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 8.8/10. Published 2026-04-05.
How severe is CVE-2019-25673?: High severity. CVSS v3 base score is 8.8 out of 10.