72 matches found
CVE-2022-24633
All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter "path" passing "/SHARED/". A malicious actor could identify the existence of users by requesting share information on specified share paths...
FileCloud 21.2 - Cross-Site Request Forgery (CSRF)
Exploit Title: FileCloud 21.2 - Cross-Site Request Forgery CSRF Date: 2022-02-20 Exploit Author: Masashi Fujiwara Vendor Homepage: https://www.filecloud.com/ Software Link: https://hub.docker.com/r/filecloud/filecloudserver21.2 Version: All versions of FileCloud prior to 21.3 Fiexd: version...
FileCloud 21.2 Cross Site Request Forgery
Exploit Title: FileCloud 21.2 - Cross-Site Request Forgery CSRF Date: 2022-02-20 Exploit Author: Masashi Fujiwara Vendor Homepage: https://www.filecloud.com/ Software Link: https://hub.docker.com/r/filecloud/filecloudserver21.2 Version: All versions of FileCloud prior to 21.3 Fiexd: version...
FileCloud 21.2 - Cross-Site Request Forgery Vulnerability
Exploit Title: FileCloud 21.2 - Cross-Site Request Forgery CSRF Date: 2022-02-20 Exploit Author: Masashi Fujiwara Vendor Homepage: https://www.filecloud.com/ Software Link: https://hub.docker.com/r/filecloud/filecloudserver21.2 Version: All versions of FileCloud prior to 21.3 Fiexd: version...
CVE-2022-25241
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2022-25241
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2022-25242
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery CSRF...
CVE-2022-25242
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery CSRF...
CVE-2022-25241
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2022-25242
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery CSRF...
Cross site request forgery (csrf)
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery CSRF...
Cross site request forgery (csrf)
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery CSRF...
CVE-2022-25241
CVE-2022-25241 : FileCloud before 21.3 is vulnerable to a Cross-Site Request Forgery (CSRF) in the CSV user import feature. The issue enables an attacker to trick a logged-in user into performing unintended actions, with impact on confidentiality, integrity, and availability as indicated by CVSS ...
CVE-2022-25241
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2022-25242
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery CSRF...
CVE-2022-25242
The provided records confirm CVE-2022-25242 affects FileCloud prior to version 21.3, where the file upload feature lacks CSRF protection. The vulnerability is described as enabling CSRF via file uploads, with a CVSS v3.1 base score of 8.8 (HIGH) and attacker interaction required (UI:R, PR:N). No ...
FileCloud 跨站请求伪造漏洞
FileCloud is an ultra-secure content collaboration platform from US-based FileCloud, Inc. offering industry-leading compliance, data governance, data leakage protection, data retention and digital rights management capabilities. A security vulnerability exists in FileCloud prior to 21.3 that allo...
FileCloud 跨站请求伪造漏洞
FileCloud is an ultra-secure content collaboration platform from US-based FileCloud, Inc. offering industry-leading compliance, data governance, data leakage protection, data retention and digital rights management capabilities. A security vulnerability exists in FileCloud prior to 21.3 that allo...
CodeLathe FileCloud Information Disclosure Vulnerability
codelathe filecloud is a set of file access, synchronization and sharing solutions from codelathe in the United States for use within the enterprise. An information disclosure vulnerability exists in versions prior to CodeLathe FileCloud 20.2.0.11915. An attacker can exploit the vulnerability to...
CVE-2020-26524
CodeLathe FileCloud before 20.2.0.11915 allows username enumeration...