Alexusmai Laravel File Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Alexusmai Laravel File Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-65346 — CVSS 9.1 (critical): alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows…
CVE-2025-63307 — CVSS 8.1 (high): alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting (XSS). The application permits user-controlled upload, create…
CVE-2025-65345 — CVSS 6.5 (medium): alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to…