Prasathmani

**Name of the Vulnerable Software and Affected Versions** Tiny File Manager versions prior to 2.3.9 **Description** The issue allows for remote code execution through the Upload from URL feature and the Edit/Rename files functionality. It affects only authenticated users. **Recommendations** For versions prior to 2.3.9, update to version 2.3.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the Upload from URL and Edit/Rename files features for authenticated users until the update is applied.