277 matches found
CVE-2023-39612
FileBrowser- vulnerability CVE-2023-39612 describes a cross-site scripting (XSS) flaw in the open-source file manager that, when a user interacts with a crafted HTML file or URL, can escalate an authenticated user to Administrator. The publicly documented impact is a full privilege elevation on v...
CVE-2023-39612
A cross-site scripting XSS vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL...
FileBrowser 跨站脚本漏洞
FileBrowser is an open source web file browser. Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a cross-site scripting vulnerability that can be exploited by an attacker to escalate privileges ...
Exploit for Cross-Site Request Forgery (CSRF) in Filebrowser
CVE-2021-46398 - Lalie ARNOUD, Gaspard ANDRIEU In this reposi...
FileBrowser Cross-Site Request Forgery Vulnerability
FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser suffers from a cross-site request forgery vulnerability, which is caused by improper validation of...
FileBrowser 2.17.2 - Cross Site Request Forgery to Remote Code Execution Vulnerability
Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...
FileBrowser 2.17.2 Code Execution / Cross Site Request Forgery
Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Date: 5/2/2022 Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...
FileBrowser 2.17.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)
Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Date: 5/2/2022 Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...
GO-2022-0563 Cross-site request forgery in github.com/filebrowser/filebrowser/v2
A Cross-Site Request Forgery vulnerability exists in Filebrowser that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim...
GHSA-72WF-HWCQ-65H9 Cross-Site Request Forgery in Filebrowser
A Cross-Site Request Forgery CSRF vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim...
Cross-Site Request Forgery in Filebrowser
A Cross-Site Request Forgery CSRF vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim...
CVE-2021-46398
A Cross-Site Request Forgery vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads...
CVE-2021-46398
A Cross-Site Request Forgery vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads...
CVE-2021-46398
A Cross-Site Request Forgery vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads...
Cross site request forgery (csrf)
A Cross-Site Request Forgery vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads...
CVE-2021-46398
A Cross-Site Request Forgery vulnerability exists in Filebrowser 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads...
CVE-2021-46398
CVE-2021-46398 describes a Cross-Site Request Forgery in FileBrowser prior to v2.18.0 that enables an attacker to create an admin backdoor user and gain access to the server filesystem, potentially leading to Remote Code Execution (RCE). Exploitation involves luring an admin to load a crafted HTM...
FileBrowser 跨站请求伪造漏洞
FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser suffers from a cross-site request forgery vulnerability, which is caused by improper validation of...
FileBrowser Cross-Site Scripting Vulnerability (CNVD-2025-22709)
FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser suffers from a cross-site scripting vulnerability that is caused by improper validation of...
CVE-2021-37794
A stored cross-site scripting XSS vulnerability exists in FileBrowser v2.16.0 that allows an authenticated user authorized to upload a malicious .svg file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger malicious OS commands on the...