CVE-2025-52922 | Innoshop up to 0.4.1 FileManager API Endpoint /api/file_manager/files base_folder path traversal

A vulnerability, which was classified as critical, has been found in Innoshop up to 0.4.1. Affected by this issue is some unknown functionality of the file /api/file_manager/files of the component FileManager API Endpoint. The manipulation of the argument base_folder leads to relative path traversal.

This vulnerability is handled as CVE-2025-52922. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More