CVE-2026-5482 is a critical vulnerability in Responsive FileManager, a project that is currently unmaintained. The vulnerability allows an unauthenticated attacker to upload files of any type and extension without restriction using the dialog.php endpoint, leading to Remote Code Execution (RCE). This vulnerability was found in the latest release (9.14.0) of the project. The CVSS score for this vulnerabili [truncated]
HIGHResponsive FileManagerCVE published 2026-05-28
A remote code execution vulnerability exists in Responsive FileManager version 9.14.0, specifically within the force_download.php component. The vulnerability allows a remote attacker to execute arbitrary code on affected systems. The CVSS 3.1 vector indicates network attack vector, low attack complexity, low privileges required, user interaction required, with high impact across confidentiality, integrit [truncated]