Files SQL注入漏洞

Files is a single-file PHP application from the individual developer Karl Ward. It can be dragged and dropped into any directory, allowing browsing of the files and directories within. A SQL injection vulnerability exists in Files 0.16.9 and prior versions, which stems from a failure to block...

Files 安全漏洞

Files is a single-file PHP application from the individual developer Karl Ward. It can be dragged and dropped into any directory, allowing browsing of the files and directories within. A security vulnerability exists in Files 0.16.9 and earlier versions, which stems from the file moving feature n...

CVE-2025-54790 Files: Potential for SQL Injection through File Browse and List Operations

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10...

CVE-2025-54790 Files: Potential for SQL Injection through File Browse and List Operations

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10...

1-click-bom (>=1.3.0 <=1.3.1), 25uikit (>=1.2.7 <=1.2.10) +2749 more potentially affected by CVE-2021-32012 via xlsx (>=0.10.3 <=0.16.9)

xlsx NPM version =0.10.3, =1.3.0, =1.2.7, =1.0.6, =0.0.1, =0.0.1, =0.0.3, =0.10.22, =0.0.2, =1.9.2, =1.0.1, =1.0.0, =1.0.1 - @aarongray.org/xlsx-workbook =0.0.1 - @abcum/ember-sheetjs =0.1.0 and more Source cves: CVE-2021-32012 Source advisory: OSV:GHSA-3X9F-74H4-2FQR...

1-click-bom (>=1.3.0 <=1.3.1), 25uikit (>=1.2.7 <=1.2.10) +2749 more potentially affected by CVE-2021-32013 via xlsx (>=0.10.3 <=0.16.9)

xlsx NPM version =0.10.3, =1.3.0, =1.2.7, =1.0.6, =0.0.1, =0.0.1, =0.0.3, =0.10.22, =0.0.2, =1.9.2, =1.0.1, =1.0.0, =1.0.1 - @aarongray.org/xlsx-workbook =0.0.1 - @abcum/ember-sheetjs =0.1.0 and more Source cves: CVE-2021-32013 Source advisory: OSV:GHSA-8VCR-VXM8-293M...

1-click-bom (>=1.3.0 <=1.3.1), 25uikit (>=1.2.7 <=1.2.10) +2749 more potentially affected by CVE-2021-32014 via xlsx (>=0.10.3 <=0.16.9)

xlsx NPM version =0.10.3, =1.3.0, =1.2.7, =1.0.6, =0.0.1, =0.0.1, =0.0.3, =0.10.22, =0.0.2, =1.9.2, =1.0.1, =1.0.0, =1.0.1 - @aarongray.org/xlsx-workbook =0.0.1 - @abcum/ember-sheetjs =0.1.0 and more Source cves: CVE-2021-32014 Source advisory: OSV:GHSA-G973-978J-2C3P...

Denial of Service in SheetJS Pro

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service CPU consumption via a crafted .xlsx document that is mishandled when read by xlsx.js...

CVE-2021-32012

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 1 of 2...

SheetJS Pro 资源管理错误漏洞

SheetJS Pro is open source a spreadsheet data parser and writer. Create beautiful reports . Faster import and export. Preview grids, images and PDFs. A security vulnerability exists in SheetJS Pro 0.16.9 and earlier versions, where an attacker can cause a denial of service via a crafted .xlsx...

SheetJS Pro 资源管理错误漏洞

SheetJS Pro is open source a spreadsheet data parser and writer. Create beautiful reports. Faster import and export. Preview grids, images, and PDFs. A security vulnerability exists in SheetJS Pro version 0.16.9 and earlier, which can be exploited by attackers to cause a denial of service memory...

1-click-bom (>=1.3.0 <=1.3.1), 25uikit (>=1.2.7 <=1.2.10) +2749 more potentially affected by CVE-2021-32013 via xlsx (>=0.10.3 <=0.16.9)

xlsx NPM version =0.10.3, =1.3.0, =1.2.7, =1.0.6, =0.0.1, =0.0.1, =0.0.3, =0.10.22, =0.0.2, =1.9.2, =1.0.1, =1.0.0, =1.0.1 - @aarongray.org/xlsx-workbook =0.0.1 - @abcum/ember-sheetjs =0.1.0 and more Source cves: CVE-2021-32013 Source advisory: SNYK:JS-XLSX-1311137...