CVE-2025-65345

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

03/12/2025

Last modified:

03/12/2025

Description

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation.

Impact

References to Advisories, Solutions, and Tools

https://github.com/alexusmai/laravel-file-manager
https://github.com/tlekrean/CVE-2025-65345