A vulnerability has been found in Tiny File Manager up to 2.6 and classified as critical. The impacted element is an unknown function. Performing a manipulation results in server-side request forgery.
This vulnerability is cataloged as CVE-2025-46651. It is possible to initiate the attack remotely. There is no exploit available.
