CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

NVD•added 2021/10/05 1:15 p.m.•13 views

CVE-2021-35506

Afian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action...

6.1CVSS0.00281EPSS

Exploits1References2

Prion•added 2021/10/05 1:15 p.m.•20 views

Design/Logic Flaw

Afian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action...

4.3CVSS6AI score0.00281EPSS

Exploits1References2Affected Software1

Prion•added 2021/10/05 12:15 p.m.•18 views

Remote code execution

Afian FileRun 2021.03.26 allows Remote Code Execution by administrators via the Check Path value for the ffmpeg binary...

6.5CVSS7.3AI score0.09455EPSS

Exploits1References2Affected Software1

Prion•added 2021/10/05 12:15 p.m.•16 views

Cross site scripting

Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs...

4.3CVSS6.5AI score0.0024EPSS

Exploits1References2Affected Software1

CVE•added 2021/10/05 12:0 p.m.•51 views

CVE-2021-35505

CVE-2021-35505 affects Afian FileRun 2021.03.26. The vulnerability enables Remote Code Execution by administrators via the Check Path value for the magick binary. The description identifies a path/command handling issue in the magick binary check, leading to code execution with the attacker’s cho...

7.2CVSS7.3AI score0.032EPSS

Exploits1References2Affected Software1

CVE•added 2021/10/05 11:59 a.m.•42 views

CVE-2021-35504

CVE-2021-35504 affects Afian FileRun 2021.03.26 and enables Remote Code Execution (RCE) via the Check Path value used for the ffmpeg binary. The Red Hat and CVE/NVD entries confirm the vulnerability exists in that FileRun release and describe the root cause as improper handling of the ffmpeg bina...

7.2CVSS7.3AI score0.09455EPSS

Exploits1References2Affected Software1

CVE•added 2021/10/05 11:58 a.m.•46 views

CVE-2021-35503

CVE-2021-35503 affects Afian FileRun 2021.03.26. The issue is a stored XSS caused by mishandling of the HTTP X-Forwarded-For header when rendering Activity Logs, implying user-supplied header data could be reflected in logs and executed in the browser. The description identifies the affected comp...

6.1CVSS6.5AI score0.0024EPSS

Exploits1References2Affected Software1

CNNVD•added 2021/10/05 12:0 a.m.•2 views

Afian FileRun 注入漏洞

Afian FileRun is a full-featured web-based file manager. A security vulnerability exists in Afian FileRun 2021.03.26 that allows remote code execution via the Check Path value of ffmpeg binaries...

7.2CVSS7.8AI score0.09455EPSS

Exploits1References3

CNNVD•added 2021/10/05 12:0 a.m.•2 views

Afian FileRun 注入漏洞

Afian FileRun is a full-featured web-based file manager. A security vulnerability exists in Afian FileRun 2021.03.26 that allows remote code execution...

7.2CVSS7.5AI score0.032EPSS

Exploits1References3

Exploit DB•added 2021/09/22 12:0 a.m.•241 views

Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by