CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

513 matches found

OSV•added 2026/01/19 8:37 p.m.•4 views

CVE-2026-23849 File Browser vulnerable to Username Enumeration via Timing Attack in /api/login

File Browser provides a file managing interface within a specified directory and can be used to upload, delete, preview, rename, and edit files. Prior to version 2.55.0, the JSONAuth. Auth function contains a logic flaw that allows unauthenticated attackers to enumerate valid usernames by measuri...

5.3CVSS5.7AI score0.00237EPSS

Exploits1References4

Positive Technologies•added 2026/01/19 12:0 a.m.•2 views

PT-2026-3502

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.55.0 Description File Browser provides a file managing interface for tasks like uploading, deleting, and editing files. A flaw in the JSONAuth.Auth function allows unauthenticated attackers to identify valid...

5.3CVSS5.3AI score0.00237EPSS

Exploits1References11

RedhatCVE•added 2026/01/09 10:24 a.m.•4 views

CVE-2008-6342

Unspecified vulnerability in the TYPO3 Simple File Browser simplefilebrowser extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors...

5CVSS6.6AI score0.00282EPSS

Exploits0References1

GithubExploit•added 2025/12/30 3:58 p.m.•164 views

CVEhunter-Tools

CVEhunter: Integrated AI-Assisted Code Auditing Toolkit Windo...

5.8AI score

Exploits0

OSV•added 2025/11/17 7:11 p.m.•2 views

GO-2025-4117 File Browser is Vulnerable to Insecure Direct Object Reference (IDOR) in Share Deletion Function in github.com/filebrowser/filebrowser

File Browser is Vulnerable to Insecure Direct Object Reference IDOR in Share Deletion Function in github.com/filebrowser/filebrowser...

8.8CVSS6.6AI score0.00125EPSS

Exploits1References3

OSV•added 2025/11/17 7:11 p.m.•3 views

GO-2025-4118 File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency in github.com/filebrowser/filebrowser

File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency in github.com/filebrowser/filebrowser...

9.1CVSS6.9AI score0.00294EPSS

Exploits0References2

RedhatCVE•added 2025/11/13 11:8 p.m.•2 views

CVE-2025-64523

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Versions prior to 2.45.1 have an Insecure Direct Object Reference IDOR vulnerability in the FileBrowser application's share deletion functionality. Th...

7.2CVSS6.6AI score0.00125EPSS

Exploits1References1

Github Security Blog•added 2025/11/13 10:36 p.m.•24 views

File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency

The standard library net/http package dependency used by File Browser improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. I can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a...

9.1CVSS7AI score0.00294EPSS

Exploits0References3Affected Software1

EUVD•added 2025/11/13 10:36 p.m.•2 views

EUVD-2025-180210

File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency...

9.1CVSS6.5AI score0.00294EPSS

Exploits0References3

Github Security Blog•added 2025/11/13 10:34 p.m.•8 views

File Browser is Vulnerable to Insecure Direct Object Reference (IDOR) in Share Deletion Function

Summary It has been found an Insecure Direct Object Reference IDOR vulnerability in the FileBrowser application's share deletion functionality. This vulnerability allows any authenticated user with share permissions to delete other users' shared links without authorization checks. The impact is...

8.8CVSS6.6AI score0.00125EPSS

Exploits1References4Affected Software1

OSV•added 2025/11/13 10:34 p.m.•2 views

GHSA-6CQF-CFHV-659G File Browser is Vulnerable to Insecure Direct Object Reference (IDOR) in Share Deletion Function

8.8CVSS6.5AI score0.00125EPSS

Exploits1References4

Snyk•added 2025/11/13 10:34 p.m.•3 views

Improper Authorization

Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Improper Authorization via the shareDeleteHandler function, which handles deletion requests based solely on the share hash, and does not verify whether the link.UserID...

8.8CVSS6.8AI score0.00125EPSS

Exploits1References2

EUVD•added 2025/11/13 10:34 p.m.•3 views

EUVD-2025-150363

File Browser is Vulnerable to Insecure Direct Object Reference IDOR in Share Deletion Function...

7.2CVSS6.3AI score0.00125EPSS

Exploits1References3

NVD•added 2025/11/12 11:15 p.m.•2 views

CVE-2025-64523

8.8CVSS0.00125EPSS

Exploits1References2

OSV•added 2025/11/12 10:11 p.m.•2 views

CVE-2025-64523 FileBrowser has Insecure Direct Object Reference (IDOR) in Share Deletion Function

7.2CVSS6.5AI score0.00125EPSS

Exploits1References4

Positive Technologies•added 2025/11/12 12:0 a.m.•3 views

PT-2025-46766

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.45.1 Description File Browser provides a file managing interface for tasks like uploading, deleting, previewing, renaming, and editing files. An Insecure Direct Object Reference IDOR exists in the application's...

8.8CVSS6.5AI score0.00125EPSS

Exploits1References13

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2011-4749

Malware in sbrugna...

4CVSS6.4AI score0.02525EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2011-2634

Malware in sbrugna...

7.5CVSS6.4AI score0.02148EPSS

Exploits0References7