If subfolder GET parameter is set when calling /tinymce/plugins/filemanager/dialog.php then it is possible to traverse outside the containing folder by using '/../' in the query.
So a web visitor can browse directory structures of the website and upload images if the user running the PHP process has access to those directories.
If subfolder GET parameter is set when calling /tinymce/plugins/filemanager/dialog.php then it is possible to traverse outside the containing folder by using '/../' in the query.
So a web visitor can browse directory structures of the website and upload images if the user running the PHP process has access to those directories.