Dulldusk Phpfilemanager
3 CVEs affecting Dulldusk Phpfilemanager. Latest disclosed: 2026-03-24. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-53894 | Critical | 9.8 | 2025-12-16 | phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. At… |
CVE-2019-25632 | Medium | 6.2 | 2026-03-24 | phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the action, fm… |
CVE-2024-5673 | Medium | 6.1 | 2024-06-06 | Vulnerability in Dulldusk's PHP File Manager affecting version 1.7.8. This vulnerability consists of an XSS through the fm_current_dir parameter of index.php… |