277 matches found
GO-2026-4475 File Browser has an Authentication Bypass in User Password Update in github.com/filebrowser/filebrowser
File Browser has an Authentication Bypass in User Password Update in github.com/filebrowser/filebrowser...
GO-2026-4474 File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL in github.com/filebrowser/filebrowser
File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL in github.com/filebrowser/filebrowser...
CVE-2026-25890 vulnerabilities
Vulnerabilities for packages: filebrowser...
GHSA-4MH3-H929-W968 vulnerabilities
Vulnerabilities for packages: filebrowser...
CVE-2026-25890 vulnerabilities
Vulnerabilities for packages: filebrowser...
GHSA-4MH3-H929-W968 vulnerabilities
Vulnerabilities for packages: filebrowser...
Incorrect Authorization
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Incorrect Authorization via improper normalization of URL paths in the rules. An attacker can gain unauthorized access to restricted files and perform unauthorized...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper normalization of URL paths in the rules. An attacker can gain unauthorized access to restricted files and perform unauthorized modifications by crafting requests with multiple leading slashes in the...
Improper Handling of Case Sensitivity
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to improper handling of case sensitivity in the userPutHandler function. An attacker can gain unauthorized access to user accoun...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to improper handling of case sensitivity in the userPutHandler function. An attacker can gain unauthorized access to user accounts and modify passwords without verification by submitting API...
GO-2026-4344 File Browser Vulnerable to Username Enumeration via Timing Attack in /api/login in github.com/filebrowser/filebrowser
File Browser Vulnerable to Username Enumeration via Timing Attack in /api/login in github.com/filebrowser/filebrowser...
GHSA-43MM-M3H2-3PRC vulnerabilities
Vulnerabilities for packages: filebrowser...
CVE-2026-23849 vulnerabilities
Vulnerabilities for packages: filebrowser...
GHSA-43MM-M3H2-3PRC vulnerabilities
Vulnerabilities for packages: filebrowser...
CVE-2026-23849 vulnerabilities
Vulnerabilities for packages: filebrowser...
Timing Attack
Overview Affected versions of this package are vulnerable to Timing Attack via the JSONAuth.Auth function. An unauthenticated attacker can determine valid usernames by measuring the response time of the /api/login endpoint, exploiting the timing discrepancy between valid and invalid username...
FileBrowser security vulnerability
FileBrowser is a web-based file browser developed by Seagate as open source. It provides a file management interface for specified directories, allowing users to upload, delete, preview, rename, and edit their files. It supports multiple users, with each user having their own directories...
CVE-2018-12298
Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path...
CVE-2025-53893 vulnerabilities
Vulnerabilities for packages: filebrowser...
GHSA-7XQM-7738-642X vulnerabilities
Vulnerabilities for packages: filebrowser...