4 matches found
CVE-2026-35605
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the Matches function in rules/rules.go uses strings.HasPrefix without a trailing directory separator when matching paths against access rules. ...
CVE-2026-35605
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the Matches function in rules/rules.go uses strings.HasPrefix without a trailing directory separator when matching paths against access rules. ...
PT-2026-30906
Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.1 Description File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. The Matches function in rules/rules.go uses...
UBUNTU-CVE-2024-6866
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the trymatch function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...