Filebrowser

Filebrowser

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2026-28492

  • EPSS -
  • Veröffentlicht 05.03.2026 21:06:21
  • Zuletzt bearbeitet 05.03.2026 21:06:21

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile midd...

9.1

CVE-2026-29188

  • EPSS -
  • Veröffentlicht 05.03.2026 20:57:57
  • Zuletzt bearbeitet 05.03.2026 20:57:57

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint allo...

8.1

CVE-2026-25890

Exploit
  • EPSS 0.01%
  • Veröffentlicht 09.02.2026 21:21:50
  • Zuletzt bearbeitet 20.02.2026 20:31:02

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, an authenticated user can bypass the application's "Disallow" file path rules by modif...

5.4

CVE-2026-25889

Exploit
  • EPSS 0.04%
  • Veröffentlicht 09.02.2026 21:18:13
  • Zuletzt bearbeitet 23.02.2026 17:55:17

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, a case-sensitivity flaw in the password validation logic allows any authenticated user...

5.3

CVE-2026-23849

Exploit
  • EPSS 0.26%
  • Veröffentlicht 19.01.2026 20:37:29
  • Zuletzt bearbeitet 03.02.2026 14:30:45

File Browser provides a file managing interface within a specified directory and can be used to upload, delete, preview, rename, and edit files. Prior to version 2.55.0, the JSONAuth. Auth function contains a logic flaw that allows unauthenticated at...

8.8

CVE-2025-64523

Exploit
  • EPSS 0.05%
  • Veröffentlicht 12.11.2025 22:11:36
  • Zuletzt bearbeitet 03.02.2026 14:35:31

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Versions prior to 2.45.1 have an Insecure Direct Object Reference (IDOR) vulnerability in the FileBrows...

9.8

CVE-2025-53826

Exploit
  • EPSS 0.27%
  • Veröffentlicht 15.07.2025 18:15:24
  • Zuletzt bearbeitet 05.08.2025 18:26:27

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid...

6.5

CVE-2025-53893

Exploit
  • EPSS 0.25%
  • Veröffentlicht 15.07.2025 17:47:30
  • Zuletzt bearbeitet 05.08.2025 18:27:22

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service (DoS) vulnerability exists in the file processing logic when re...

7.5

CVE-2025-52997

Medienbericht Exploit
  • EPSS 0.06%
  • Veröffentlicht 30.06.2025 20:15:25
  • Zuletzt bearbeitet 04.08.2025 18:15:35

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication ...

4.3

CVE-2025-52996

Medienbericht Exploit
  • EPSS 0.05%
  • Veröffentlicht 30.06.2025 19:58:33
  • Zuletzt bearbeitet 04.08.2025 18:15:35

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions 2.32.0 and prior, the implementation of password protected links is error-prone, resulting ...