269 matches found
Brute Force
Overview: Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation: Upgrade...
Brute Force
Overview: Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation: Upgrade...
Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the erroneous implementation of the allowlist process. An attacker can gain unauthorized access to execute arbitrary shell commands by bypassing configured restrictions. This may result in exposure or...
Arbitrary Command Injection
Overview: github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Arbitrary Command Injection via the erroneous implementation of the allowlist process. An attacker can gain unauthorized access to execute arbitrary shell commands by...
Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the erroneous implementation of the allowlist process. An attacker can gain unauthorized access to execute arbitrary shell commands by bypassing configured restrictions. This may result in exposure or...
Authentication Bypass by Primary Weakness
Overview: github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via the password protected links process. An attacker can gain unauthorized access to files by obtaining or discovering direct...
FileBrowser Security Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a security vulnerability that stems from an improper implementation of password-protected links,...
FileBrowser Command Injection Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser suffers from a command injection vulnerability, which is caused by a flaw in the command execution...
FileBrowser Security Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a security vulnerability that stems from the lack of password policy and brute force protection,...
Arbitrary Command Injection
Overview: github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Arbitrary Command Injection via the Command Execution process. An attacker can execute arbitrary commands with the privileges of the server process by leveraging allowed...
Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the Command Execution process. An attacker can execute arbitrary commands with the privileges of the server process by leveraging allowed shell commands that can spawn additional commands. This is only...
Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the Command Execution process. An attacker can execute arbitrary commands with the privileges of the server process by leveraging allowed shell commands that can spawn additional commands. This is only...
Incorrect Default Permissions
Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions in the process that handles file uploads and database creation. An attacker can gain unauthorized access to sensitive files by leveraging default file permissions that allow any operating system account to...
FileBrowser Security Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a command injection vulnerability that can be exploited by an attacker to gain read and write...
FileBrowser Security Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser suffers from a cross-site scripting vulnerability that is caused by improper validation of user inpu...
FileBrowser Security Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface for a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a command injection vulnerability that can be exploited by an attacker to execute arbitrary...
de.chandre.admin-tools:admin-tools-dbbrowser (>=1.1.1 <=1.1.7.3), de.chandre.admin-tools:admin-tools-filebrowser (>=1.1.1 <=1.1.7.3) +3 more potentially affected by CVE-2025-6493 via org.webjars.bower:codemirror (>=3.23.0 <=5.58.2)
org.webjars.bower:codemirror MAVEN version =3.23.0, =1.1.1, =1.1.1, =3.4.3, =3.4.4 - org.webjars.bower:mergely =3.3.6 Source cves: CVE-2025-6493 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-10494097...
CVE-2021-37794
A stored cross-site scripting (XSS) vulnerability exists in FileBrowser v2.16.0 that allows an authenticated user who is authorized to upload files to upload a malicious .svg file, which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger malicious OS commands on the...
GHSA-7VPP-9CXJ-Q8GV vulnerabilities
Vulnerabilities for packages: filebrowser, kots, mattermost...
CVE-2025-3445 vulnerabilities
Vulnerabilities for packages: filebrowser, kots, mattermost...