Filebrowser

Filebrowser

42 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.7

CVE-2026-54090

  • EPSS -
  • Veröffentlicht 25.06.2026 17:51:17
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.33.8, when a shell interpreter is configured (e.g. /bin/sh -c), the command allowlist can be bypassed ...

9.3

CVE-2026-54088

  • EPSS -
  • Veröffentlicht 25.06.2026 17:49:14
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, the Hook Authentication feature in File Browser allows administrators to delegate login verifica...

9.1

CVE-2026-54089

  • EPSS -
  • Veröffentlicht 25.06.2026 17:46:13
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting with 2.0.0-rc.1, when FileBrowser is configured with proxy authentication (auth.method=proxy), any unaut...

7.5

CVE-2026-54091

  • EPSS -
  • Veröffentlicht 25.06.2026 17:43:04
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, File Browser's public share handlers rebase the share owner's filesystem root to the shared dire...

6.5

CVE-2026-54092

  • EPSS -
  • Veröffentlicht 25.06.2026 17:41:43
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, unchecked passwords maximums allow for an arbitrarily large password to be passed into the login...

7.2

CVE-2026-54097

  • EPSS -
  • Veröffentlicht 25.06.2026 17:40:18
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, a low-privileged authenticated user of filebrowser (with create + delete permissions in their ow...

6.8

CVE-2026-54093

  • EPSS -
  • Veröffentlicht 25.06.2026 17:39:06
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, filebrowser builds the download-as-zip / download-as-tar archive entry names with filepath.ToSla...

7.5

CVE-2026-54094

  • EPSS -
  • Veröffentlicht 25.06.2026 17:37:14
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.14, it does not stop the HTTP file handlers from following symbolic links before they open, serve, ...

8.4

CVE-2026-54096

  • EPSS -
  • Veröffentlicht 25.06.2026 17:35:02
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.7, `POST /api/share/<path>` accepts an authenticated request for an arbitrary path and stores a pub...

8.2

CVE-2026-55667

  • EPSS -
  • Veröffentlicht 25.06.2026 17:32:32
  • Zuletzt bearbeitet 25.06.2026 19:58:30

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.16, a scoped, non-admin File Browser user holding only the Create permission can delete arbitrary f...