548 matches found
GO-2025-3790 File Browser's password protection of links is bypassable in github.com/filebrowser/filebrowser
File Browser's password protection of links is bypassable in github.com/filebrowser/filebrowser...
GO-2025-3793 File Browser: Command Execution not Limited to Scope in github.com/filebrowser/filebrowser
File Browser: Command Execution not Limited to Scope in github.com/filebrowser/filebrowser...
GO-2025-3795 File Browser vulnerable to command execution allowlist bypass in github.com/filebrowser/filebrowser
File Browser vulnerable to command execution allowlist bypass in github.com/filebrowser/filebrowser...
GO-2025-3792 File Browser vulnerable to insecure password handling in github.com/filebrowser/filebrowser
File Browser vulnerable to insecure password handling in github.com/filebrowser/filebrowser...
GO-2025-3794 File Browser allows sensitive data to be transferred in URL in github.com/filebrowser/filebrowser
File Browser allows sensitive data to be transferred in URL in github.com/filebrowser/filebrowser...
GO-2025-3812 File Browser’s insecure JWT handling can lead to session replay attacks after logout in github.com/filebrowser/filebrowser
File Browser’s insecure JWT handling can lead to session replay attacks after logout in github.com/filebrowser/filebrowser...
CVE-2025-53826
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53893
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service DoS vulnerability exists in the file processing logic when reading a file on endpoint...
CVE-2025-53893
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service DoS vulnerability exists in the file processing logic when reading a file on endpoint...
CVE-2025-53826
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53826 FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53826 FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53826 FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53893
CVE-2025-53893 affects the filebrowser/filebrowser 2.38.0 DoS vulnerability where the server loads entire file content into memory during reads (e.g., /files/{file-name} or /api/resources/{file-name}) without size checks, enabling an authenticated user to trigger memory exhaustion and potentially...
CVE-2025-53893 File Browser Vulnerable to Uncontrolled Memory Consumption Due to Oversized File Processing
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service DoS vulnerability exists in the file processing logic when reading a file on endpoint...
CVE-2025-53893 File Browser Vulnerable to Uncontrolled Memory Consumption Due to Oversized File Processing
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service DoS vulnerability exists in the file processing logic when reading a file on endpoint...
PT-2025-29583 · Unknown · Filebrowser
Name of the Vulnerable Software and Affected Versions: File Browser version 2.38.0 Description: File Browser provides a file managing interface for managing files within a specified directory, including upload, delete, preview, rename, and edit functionalities. A denial-of-service issue exists in...
PT-2025-29588
Name of the Vulnerable Software and Affected Versions File Browser version 2.39.0 Description File Browser provides a file managing interface within a specified directory, allowing users to upload, delete, preview, rename, and edit files. The authentication system in version 2.39.0 issues...
FileBrowser has an unspecified vulnerability (CNVD-2025-22704)
FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a security vulnerability that originates from an access token passed as a GET parameter, which c...
FileBrowser Command Injection Vulnerability (CNVD-2025-22706)
FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser suffers from a command injection vulnerability, which is caused by a flaw in the command execution...