Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

548 matches found

CVE
CVEadded 2025/06/26 6:16 p.m.37 views

CVE-2025-52903

CVE-2025-52903 affects the open-source web file browser project File Browser (filebrowser/filebrowser), specifically version 2.32.0. The issue stems from the Command Execution feature, which is intended to run only predefined shell commands, but can be exploited to run arbitrary subcommands, effe...

8CVSS6.5AI score0.00956EPSS
Exploits1References7Affected Software1
OSV
OSVadded 2025/06/26 6:16 p.m.3 views

CVE-2025-52903 File Browser Allows Execution of Shell Commands That Can Spawn Other Commands

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0, the Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a...

8CVSS7.8AI score0.00956EPSS
Exploits1References6
NVD
NVDadded 2025/06/26 3:15 p.m.4 views

CVE-2025-52900

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS0.0019EPSS
Exploits1References2
NVD
NVDadded 2025/06/26 3:15 p.m.4 views

CVE-2025-52902

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting XSS. Any JavaScript code that is part of a...

7.6CVSS0.00265EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/06/26 2:37 p.m.3 views

CVE-2025-52902 File Browser has Stored Cross-Site Scripting vulnerability

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting XSS. Any JavaScript code that is part of a...

7.6CVSS7AI score0.00265EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/06/26 2:37 p.m.7 views

CVE-2025-52902 File Browser has Stored Cross-Site Scripting vulnerability

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting XSS. Any JavaScript code that is part of a...

7.6CVSS0.00265EPSS
Exploits1References2
CVE
CVEadded 2025/06/26 2:37 p.m.25 views

CVE-2025-52902

CVE-2025-52902 concerns the open‑source File Browser project, where the Markdown preview feature in versions before 2.33.7 is vulnerable to Stored Cross‑Site Scripting (XSS). If a user uploads a Markdown file containing JavaScript, the code can be executed when another user previews the file. The...

7.6CVSS7AI score0.00265EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2025/06/26 2:37 p.m.5 views

CVE-2025-52902 File Browser has Stored Cross-Site Scripting vulnerability

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting XSS. Any JavaScript code that is part of a...

7.6CVSS6.5AI score0.00265EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/06/26 2:35 p.m.8 views

CVE-2025-52900 File Browser has Insecure File Permissions

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS0.0019EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/06/26 2:35 p.m.3 views

CVE-2025-52900 File Browser has Insecure File Permissions

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS7.1AI score0.0019EPSS
Exploits1References2
CVE
CVEadded 2025/06/26 2:35 p.m.26 views

CVE-2025-52900

Summary: CVE-2025-52900 affects the File Browser project. On servers running versions prior to 2.33.7, the application does not explicitly set permissions for uploaded/created files and its database, so file access is governed by the system umask. This can allow all OS accounts on the server to r...

5.5CVSS7.1AI score0.0019EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2025/06/26 2:35 p.m.3 views

CVE-2025-52900 File Browser has Insecure File Permissions

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS6.5AI score0.0019EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/06/26 12:0 a.m.3 views

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a command injection vulnerability that can be exploited by an attacker to gain read and write...

8CVSS7.8AI score0.00885EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/06/26 12:0 a.m.2 views

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a security vulnerability , the vulnerability stems from the file access permissions are not...

5.5CVSS6.8AI score0.0019EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/06/26 12:0 a.m.2 views

PT-2025-26977 · Unknown · Filebrowser

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.7 Description: The issue arises from File Browser not explicitly setting file access permissions for uploaded or created files, as well as its database. This results in files being readable by any operating...

5.5CVSS6.2AI score0.0019EPSS
Exploits1References11
Positive Technologies
Positive Technologiesadded 2025/06/26 12:0 a.m.5 views

PT-2025-27006

Name of the Vulnerable Software and Affected Versions: File Browser version 2.32.0 Description: The issue concerns the Command Execution feature in File Browser, which allows the execution of shell commands predefined on a user-specific allowlist. However, many tools can execute arbitrary command...

8CVSS6.5AI score0.00956EPSS
Exploits1References74
CNNVD
CNNVDadded 2025/06/26 12:0 a.m.2 views

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a command injection vulnerability that can be exploited by an attacker to execute arbitrary...

8CVSS8.3AI score0.00956EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2025/06/26 12:0 a.m.3 views

PT-2025-26978

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.7 Description: The Markdown preview function of File Browser is vulnerable to Stored Cross-Site-Scripting XSS. Any JavaScript code that is part of a Markdown file uploaded by a user will be executed by the...

7.6CVSS5.8AI score0.00265EPSS
Exploits1References13
RedhatCVE
RedhatCVEadded 2025/05/22 7:53 a.m.7 views

CVE-2018-16549

HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter...

5.3CVSS7.1AI score0.02503EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:49 a.m.8 views

CVE-2019-10632

A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files...

6.5CVSS6.8AI score0.01424EPSS
Exploits1References1
Rows per page
Query Builder