CVE-2026-5482

UNKNOWN 0.0

Remote Code Execution via Unrestricted File Upload in Responsive FileManager

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14.0

CWE	CWE-434
Vendor	tecrail
Product	responsive filemanager
Published	Jun 15, 2026
Last Updated	Jun 15, 2026

Stay Ahead of the Next One

Get instant alerts for tecrail responsive filemanager

Be the first to know when new unknown vulnerabilities affecting tecrail responsive filemanager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Tecrail / Responsive FileManager

0 ≤ 9.14.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert.pl: https://cert.pl/en/posts/2026/06/CVE-2026-5482 github.com: https://github.com/trippo/ResponsiveFilemanager

Credits

Kamil Szczurowski Robert Kruczek