1.7.9
CVE-2019-25632 describes a Local File Inclusion (LFI) vulnerability discovered in phpFileManager versions 1.7.8. This flaw allows unauthenticated attackers to read sensitive files on the server by manipulating request parameters. The vulnerability impacts phpFileManager 1.7.8 and requires no authentication for exploitation. A fix is available through upgrading to a patched version.
The primary impact of CVE-2019-25632 is the potential for unauthorized access to sensitive files on the server. An attacker can exploit this vulnerability by crafting malicious GET requests to index.php, manipulating the action, fmcurrentdir, and filename parameters. Successful exploitation allows the attacker to read arbitrary files, including system configuration files like /etc/passwd, potentially exposing user credentials and other sensitive information. While the vulnerability is local to the server, the ability to read system files represents a significant security risk, potentially leading to further compromise of the system.
CVE-2019-25632 was published on 2026-03-24. There is no indication of active exploitation or inclusion in the CISA KEV catalog. Public proof-of-concept (PoC) code is likely available given the simplicity of the LFI vulnerability, though no specific references were found in the provided data. The vulnerability's ease of exploitation makes it a potential target for automated scanning and exploitation attempts.
Systems running phpFileManager version 1.7.8 are at direct risk. Shared hosting environments are particularly vulnerable, as they often host multiple websites on a single server, increasing the potential attack surface. Organizations using phpFileManager for file management tasks without proper input validation or access controls are also at increased risk.
• php: Check for phpFileManager version 1.7.8 in the file system.
• php: Examine web server access logs for requests to index.php with unusual or manipulated action, fmcurrentdir, and filename parameters.
• generic web: Use curl to test for file inclusion by attempting to access sensitive files like /etc/passwd through crafted URLs (e.g., http://target/index.php?action=viewfile&fmcurrentdir=../../../../&filename=/etc/passwd).
• generic web: Monitor web server error logs for file not found errors related to attempts to access unauthorized files.
disclosure
漏洞利用状态
EPSS
0.03% (9% 百分位)
CISA SSVC
CVSS 向量
The primary mitigation for CVE-2019-25632 is to upgrade phpFileManager to a patched version. Since no specific patched version is provided, it's crucial to check the phpFileManager project's website or repository for the latest release. As a temporary workaround, restrict access to index.php using a web application firewall (WAF) or proxy server, blocking requests with suspicious parameter values. Carefully review and sanitize all user-supplied input to prevent malicious code injection. Regularly scan the system for unauthorized file modifications.
将 phpFileManager 更新到 1.7.8 之后的版本,或应用一个缓解本地文件包含漏洞的补丁。建议验证和清理用户输入,以防止 'action', 'fm_current_dir' 和 'filename' 参数的操纵。
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2019-25632 is a Local File Inclusion vulnerability affecting phpFileManager version 1.7.8, allowing attackers to read arbitrary files on the server.
If you are running phpFileManager version 1.7.8, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade phpFileManager to a patched version. Check the project's website or repository for the latest release.
While there's no confirmed active exploitation, the vulnerability's simplicity makes it a potential target for automated scanning and exploitation.
Refer to the phpFileManager project's website or repository for the official advisory and release notes regarding this vulnerability.
上传你的依赖文件,立即了解此CVE和其他CVE是否影响你。