Cross site scripting

Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs...

CVE-2021-35506

CVE-2021-35506 affects Afian FileRun 2021.03.26 and is a cross-site scripting (XSS) issue triggered when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action. Multiple connected sources (Red Hat, NVD/CVE record, CNNVD, PRION) corroborate that t...

CVE-2021-35506

Afian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action...

CVE-2021-35505

CVE-2021-35505 affects Afian FileRun 2021.03.26. The vulnerability enables Remote Code Execution by administrators via the Check Path value for the magick binary. The description identifies a path/command handling issue in the magick binary check, leading to code execution with the attacker’s cho...

CVE-2021-35505

Afian FileRun 2021.03.26 allows Remote Code Execution by administrators via the Check Path value for the magick binary...

CVE-2021-35504

CVE-2021-35504 affects Afian FileRun 2021.03.26 and enables Remote Code Execution (RCE) via the Check Path value used for the ffmpeg binary. The Red Hat and CVE/NVD entries confirm the vulnerability exists in that FileRun release and describe the root cause as improper handling of the ffmpeg bina...

CVE-2021-35504

Afian FileRun 2021.03.26 allows Remote Code Execution by administrators via the Check Path value for the ffmpeg binary...

CVE-2021-35503

CVE-2021-35503 affects Afian FileRun 2021.03.26. The issue is a stored XSS caused by mishandling of the HTTP X-Forwarded-For header when rendering Activity Logs, implying user-supplied header data could be reflected in logs and executed in the browser. The description identifies the affected comp...

CVE-2021-35503

Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs...

Afian FileRun 跨站脚本漏洞

Afian FileRun is a full-featured web-based file manager. Afian FileRun 2021.03.26 A cross-site scripting vulnerability can be exploited by an attacker to cause an administrator to encounter a crafted document while performing a preview or editing operation using an HTML editor...

Afian FileRun 注入漏洞

Afian FileRun is a full-featured web-based file manager. A security vulnerability exists in Afian FileRun 2021.03.26 that allows remote code execution via the Check Path value of ffmpeg binaries...

Afian FileRun 注入漏洞

Afian FileRun is a full-featured web-based file manager. A security vulnerability exists in Afian FileRun 2021.03.26 that allows remote code execution...

Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

Filerun 2021.03.26 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

Filerun 2021.03.26 Remote Code Execution

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

FileRun CVE-2019-12905 - Cross Site Scripting

FileRun version 2019.05.21 suffers from a reflective cross site scripting vulnerability. Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Date: 2019-07-01 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version:...

FileRun 2019.05.21 - Reflected Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version: v2019.05.21 Tested on: Windows/Linux CVE:...

FileRun 2019.05.21 Cross Site Scripting

Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Date: 2019-07-01 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version: v2019.05.21 Tested on: Windows/Linux CVE: CVE-2019-12905 CVE-2019-12905...

FileRun 2019.05.21 - Reflected Cross-Site Scripting

Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Date: 2019-07-01 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version: v2019.05.21 Tested on: Windows/Linux CVE: CVE-2019-12905 CVE-2019-12905...

CVE-2019-12905

FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman&section=do&page=up URI. This issue has been fixed in FileRun 2019.06.01...