FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a command injection vulnerability that can be exploited by an attacker to gain read and write...

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a command injection vulnerability that can be exploited by an attacker to execute arbitrary...

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser suffers from a cross-site scripting vulnerability that is caused by improper validation of user inpu...

de.chandre.admin-tools:admin-tools-dbbrowser (>=1.1.1 <=1.1.7.3), de.chandre.admin-tools:admin-tools-filebrowser (>=1.1.1 <=1.1.7.3) +3 more potentially affected by CVE-2025-6493 via org.webjars.bower:codemirror (>=3.23.0 <=5.58.2)

org.webjars.bower:codemirror MAVEN version =3.23.0, =1.1.1, =1.1.1, =3.4.3, =3.4.4 - org.webjars.bower:mergely =3.3.6 Source cves: CVE-2025-6493 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-10494097...

CVE-2021-37794

A stored cross-site scripting XSS vulnerability exists in FileBrowser v2.16.0 that allows an authenticated user authorized to upload a malicious .svg file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger malicious OS commands on the...

GHSA-7VPP-9CXJ-Q8GV vulnerabilities

Vulnerabilities for packages: filebrowser, kots, mattermost...

CVE-2025-3445 vulnerabilities

Vulnerabilities for packages: filebrowser, kots, mattermost...

GHSA-7VPP-9CXJ-Q8GV vulnerabilities

Vulnerabilities for packages: filebrowser, kots, mattermost, vault, mattermost-fips...

CVE-2025-3445 vulnerabilities

Vulnerabilities for packages: filebrowser, kots, mattermost, vault, mattermost-fips...

Synology DiskStation Manager Path Traversal (CVE-2013-6987)

Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager DSM before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary files via a .. dot dot in the 1 path parameter to filedelete.cgi or 2 folderpath parameter to...

GHSA-4WRM-QMQ2-5FJX Directory Traversal in evershop

Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the readDirSync function in fileBrowser/browser.js...

CVE-2023-46493

Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the readDirSync function in fileBrowser/browser.js...

CVE-2023-46493

Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the readDirSync function in fileBrowser/browser.js...

django-filebrowser (=3.13.2), geonode (=3.3.3) +2 more potentially affected by CVE-2021-46898 via django-grappelli (>=2.10.1 <=2.15.1)

django-grappelli PYPI version =2.10.1, =6.5.0, =1.12.1, =1.13.0.dev10 Source cves: CVE-2021-46898 Source advisory: OSV:GHSA-9X43-5QCQ-H79Q...

django-filebrowser (=3.13.2), geonode (=3.3.3) +2 more potentially affected by CVE-2021-46898 via django-grappelli (>=2.10.1 <=2.15.1)

django-grappelli PYPI version =2.10.1, =6.5.0, =1.12.1, =1.13.0.dev10 Source cves: CVE-2021-46898 Source advisory: OSV:PYSEC-2023-211...

FileBrowser cross-site scripting vulnerability (CNVD-2025-22707)

FileBrowser is an open source web file browser. Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a cross-site scripting vulnerability that can be exploited by an attacker to escalate privileges ...

CVE-2023-39612

A cross-site scripting XSS vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL...

CVE-2023-39612

A cross-site scripting XSS vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL...

CVE-2023-39612

A cross-site scripting XSS vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL...

Cross site scripting

A cross-site scripting XSS vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL...