Filebrowser

Filebrowser

32 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-35607

Exploit
  • EPSS 0.07%
  • Veröffentlicht 07.04.2026 16:31:21
  • Zuletzt bearbeitet 16.04.2026 18:14:56

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the fix in commit b6a4fb1 ("self-registered users don't get execute perms") stripped Execute per...

7.5

CVE-2026-35606

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.04.2026 16:29:03
  • Zuletzt bearbeitet 16.04.2026 18:16:28

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the P...

7.5

CVE-2026-35605

Exploit
  • EPSS 0.06%
  • Veröffentlicht 07.04.2026 16:24:52
  • Zuletzt bearbeitet 16.04.2026 18:23:47

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the Matches() function in rules/rules.go uses strings.HasPrefix() without a trailing directory s...

8.1

CVE-2026-35604

Exploit
  • EPSS 0.06%
  • Veröffentlicht 07.04.2026 16:22:51
  • Zuletzt bearbeitet 16.04.2026 18:30:57

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, when an admin revokes a user's Share and Download permissions, existing share links created by t...

7.2

CVE-2026-35585

Exploit
  • EPSS 0.78%
  • Veröffentlicht 07.04.2026 16:20:46
  • Zuletzt bearbeitet 16.04.2026 18:44:06

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. From 2.0.0 through 2.63.1, the hook system in File Browser — which executes administrator-defined shell commands ...

6.9

CVE-2026-34530

Exploit
  • EPSS 0.06%
  • Veröffentlicht 01.04.2026 20:41:08
  • Zuletzt bearbeitet 06.04.2026 20:34:21

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the SPA index page in File Browser is vulnerable to Stored Cross-Site Scripting (XSS) vi...

9.8

CVE-2026-34528

Exploit
  • EPSS 0.18%
  • Veröffentlicht 01.04.2026 20:39:32
  • Zuletzt bearbeitet 06.04.2026 20:41:19

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the signupHandler in File Browser applies default user permissions via d.settings.Defaul...

9

CVE-2026-34529

Exploit
  • EPSS 0.04%
  • Veröffentlicht 01.04.2026 20:39:07
  • Zuletzt bearbeitet 06.04.2026 20:39:47

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB preview function in File Browser is vulnerable to Stored Cross-Site Scripting (...

6.5

CVE-2026-32761

Exploit
  • EPSS 0.01%
  • Veröffentlicht 19.03.2026 23:45:33
  • Zuletzt bearbeitet 23.03.2026 16:56:04

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download priv...

9.8

CVE-2026-32760

Exploit
  • EPSS 0.02%
  • Veröffentlicht 19.03.2026 23:39:54
  • Zuletzt bearbeitet 23.03.2026 16:54:48

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-reg...