Platform
php
Component
phpfilemanager
Fixed in
1.7.9
CVE-2019-25632 describes a Local File Inclusion (LFI) vulnerability in phpFileManager version 1.7.8. The flaw lets an unauthenticated attacker read sensitive files on the server by manipulating request parameters; no authentication is required for exploitation. A fix is available by upgrading to a patched version.
The primary impact of CVE-2019-25632 is unauthorized access to sensitive files on the server. An attacker exploits the flaw by crafting GET requests to index.php that manipulate the action, fmcurrentdir, and filename parameters. Successful exploitation allows the attacker to read arbitrary files, including system configuration files such as /etc/passwd, potentially exposing user credentials and other sensitive information. Although the vulnerability is "local" in the sense that the included files reside on the server itself, the ability to read system files is a significant security risk and can lead to further compromise of the system.
CVE-2019-25632 was published on 2026-03-24. There is no indication of active exploitation or inclusion in the CISA KEV catalog. Public proof-of-concept (PoC) code is likely available given the simplicity of the LFI vulnerability, though no specific references were found in the provided data. The vulnerability's ease of exploitation makes it a potential target for automated scanning and exploitation attempts.
Systems running phpFileManager version 1.7.8 are at direct risk. Shared hosting environments are particularly vulnerable, as they often host multiple websites on a single server, increasing the potential attack surface. Organizations using phpFileManager for file management tasks without proper input validation or access controls are also at increased risk.
• php: Check for phpFileManager version 1.7.8 in the file system.
• php: Examine web server access logs for requests to index.php with unusual or manipulated action, fmcurrentdir, and filename parameters.
• generic web: Use curl to test for file inclusion by attempting to access sensitive files like /etc/passwd through crafted URLs (e.g., http://target/index.php?action=viewfile&fmcurrentdir=../../../../&filename=/etc/passwd).
• generic web: Monitor web server error logs for file not found errors related to attempts to access unauthorized files.
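As an added example (not part of this advisory or of the phpFileManager project), the following Python script implements the log review described in the detection steps above: it parses access log lines in Apache combined format, isolates requests to index.php, and flags values of the fmcurrentdir/fm_current_dir and filename parameters that contain ".." segments or absolute paths after URL-decoding. The log lines are constructed for the example, the parameter names are the ones quoted on this page, and the field names in the returned findings are the script's own.

```python
"""Scan web server access logs for requests that manipulate the phpFileManager
index.php parameters named in the advisory (action, fmcurrentdir/fm_current_dir,
filename). Added detection example; the log lines below are constructed, not
real traffic."""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines in Apache "combined" format (not from a real server).
SAMPLE_LOG = """\
203.0.113.5 - - [24/Mar/2026:10:01:02 +0000] "GET /index.php?action=viewfile&fmcurrentdir=../../../../&filename=/etc/passwd HTTP/1.1" 200 1834 "-" "curl/8.0"
203.0.113.5 - - [24/Mar/2026:10:01:03 +0000] "GET /index.php?action=viewfile&fm_current_dir=%2e%2e%2f%2e%2e%2f&filename=config.php HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.7 - - [24/Mar/2026:10:02:10 +0000] "GET /index.php?action=list&fmcurrentdir=uploads/&filename=report.pdf HTTP/1.1" 200 2201 "-" "Mozilla/5.0"
198.51.100.7 - - [24/Mar/2026:10:02:11 +0000] "GET /static/logo.png HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Parameters the advisory names; both spellings of the directory parameter are
# checked because the page quotes it in two forms.
WATCHED = ("fmcurrentdir", "fm_current_dir", "filename")


def is_traversal(value: str) -> bool:
    """True if a decoded parameter value climbs out of a relative directory
    ('..' segment) or names an absolute path."""
    decoded = unquote(unquote(value))  # handle single and double URL-encoding
    decoded = decoded.replace("\\", "/")
    if decoded.startswith("/"):
        return True
    return any(part == ".." for part in decoded.split("/"))


def scan_access_log(text: str) -> list:
    """Return one finding dict per request to index.php whose watched
    parameters carry a traversal or absolute-path value."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("url"))
        if not parts.path.endswith("index.php"):
            continue
        params = parse_qs(parts.query, keep_blank_values=True)
        bad = {k: v for k, vals in params.items() for v in vals
               if k in WATCHED and is_traversal(v)}
        if bad:
            findings.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "status": int(m.group("status")),
                "action": params.get("action", [""])[0],
                "suspicious": bad,
            })
    return findings


if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
```

Requests that merely list a subdirectory (third sample line) are not reported; the status code is carried along because a 200 on a flagged request is the case worth escalating, whereas a 403 or 404 suggests the attempt was blocked.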
disclosure
Exploit status
EPSS
0.03% (percentile 9%)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2019-25632 is to upgrade phpFileManager to a patched version. Since no specific patched version is provided, it's crucial to check the phpFileManager project's website or repository for the latest release. As a temporary workaround, restrict access to index.php using a web application firewall (WAF) or proxy server, blocking requests with suspicious parameter values. Carefully review and sanitize all user-supplied input to prevent malicious code injection. Regularly scan the system for unauthorized file modifications.
Update phpFileManager to a version later than 1.7.8 or apply a patch that mitigates the local file inclusion vulnerability. Validating and sanitizing user input is recommended to prevent manipulation of the 'action', 'fm_current_dir' and 'filename' parameters.
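The input validation recommended above, as an added example written in Python rather than PHP (it is not phpFileManager code; the PHP equivalent uses realpath() with the same containment test): the managed root directory, the "current dir" parameter and the filename are joined, canonicalised, and rejected unless the result still lies inside the root. Because canonicalisation follows symlinks, a link inside the managed tree that points outside it is rejected too. The function names and the throwaway directory layout in demo() are the example's own.

```python
"""Containment check for a file-manager style 'current dir' + 'filename' pair.
Added example of the validation the mitigation text calls for; not phpFileManager
code. Canonicalise first, then test that the result is still under the root."""
import os
import tempfile
from pathlib import Path


def resolve_within_root(root: str, current_dir: str, filename: str) -> str:
    """Return the canonical absolute path of root/current_dir/filename, or raise
    ValueError if the resolved path (after '..' and symlinks) leaves root."""
    root_real = os.path.realpath(root)
    # Reject absolute user input outright: os.path.join would discard 'root'.
    if os.path.isabs(current_dir) or os.path.isabs(filename):
        raise ValueError("absolute paths are not allowed")
    candidate = os.path.realpath(os.path.join(root_real, current_dir, filename))
    # realpath collapses '..' and follows symlinks, so a comparison on the
    # canonical form is sound; commonpath avoids the '/var/www' vs '/var/www2'
    # false positive that a plain startswith() would give.
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise ValueError("path escapes the managed directory")
    return candidate


def demo() -> dict:
    """Build a throwaway root with one file and one escaping symlink, then
    exercise the check with a normal request and three escape attempts."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "files"
        (root / "uploads").mkdir(parents=True)
        (root / "uploads" / "report.txt").write_text("ok")
        outside = Path(tmp) / "secret.txt"          # lives outside the root
        outside.write_text("secret")
        (root / "uploads" / "link").symlink_to(outside)

        results = {}
        normal = resolve_within_root(str(root), "uploads/", "report.txt")
        results["normal"] = normal.endswith("report.txt")
        attempts = {
            "dotdot": ("../../../../", "etc/passwd"),
            "absolute": ("uploads/", "/etc/passwd"),
            "symlink": ("uploads/", "link"),
        }
        for name, (d, f) in attempts.items():
            try:
                resolve_within_root(str(root), d, f)
                results[name] = "allowed"
            except ValueError:
                results[name] = "rejected"
        return results


if __name__ == "__main__":
    print(demo())
```

The order matters: a filter that only strips "../" from the raw string can be bypassed by encoding or by symlinks, whereas resolving the path first and then comparing against the canonical root decides on what the filesystem would actually open.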
CVE-2019-25632 is a Local File Inclusion vulnerability affecting phpFileManager version 1.7.8, allowing attackers to read arbitrary files on the server.
If you are running phpFileManager version 1.7.8, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade phpFileManager to a patched version. Check the project's website or repository for the latest release.
While there's no confirmed active exploitation, the vulnerability's simplicity makes it a potential target for automated scanning and exploitation.
Refer to the phpFileManager project's website or repository for the official advisory and release notes regarding this vulnerability.