Lucene search
+L

80 matches found

nvd
nvd
added 2026/07/07 9:17 p.m.7 views

CVE-2026-50530

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a share mode chart data interface only validates that sceneId matches the resourceId in the link token and fails to validate whether tableId and field IDs in the request body belong to the shared resource, allowing...

7.1CVSS0.00238EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/07 8:41 p.m.5 views

CVE-2026-50530

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a share mode chart data interface only validates that sceneId matches the resourceId in the link token and fails to validate whether tableId and field IDs in the request body belong to the shared resource, allowing...

7.1CVSS6AI score0.00238EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/07/07 8:33 p.m.34 views

CVE-2026-57172 DataEase: Hardcoded JWT Signing Secret in ShareLink

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, ShareSecretManage uses a hardcoded default share link signature key, allowing an attacker who can obtain a passwordless share for a resource and user to use the known key link-pwd-fit2cloud to forge linkToken JWTs,...

8.3CVSS0.00289EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.9 views

PT-2026-56254

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description The ShareSecretManage component uses a hardcoded default share link signature key. An attacker who obtains a passwordless share for a resource and user can use the known key link-pwd-fit2cloud to...

8.3CVSS6AI score0.00289EPSS
Exploits0References6
osv
osv
added 2026/07/01 9:59 p.m.3 views

GHSA-J48M-H7XQ-2XPJ goshs: Share-link ?token=… redemption races past download limit

Share-link ?token=… redemption races past download limit Ecosystem: Go Package: goshs.de/goshs/v2 github.com/patrickhener/goshs Affected: 0 || entry.DownloadLimit == -1 // ...serve file... // = current.DownloadLimit deletefs.SharedLinks, token fs.sharedLinksMu.Unlock Between line 978 RUnlock and...

5.9CVSS5.8AI score
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.5 views

PT-2026-55218

Name of the Vulnerable Software and Affected Versions goshs versions prior to 2.0.10 Description A race condition exists in the ShareHandler when processing share-link redemptions. The system reads the DownloadLimit of a share token using a read lock, releases it to serve the file, and only then...

5.9CVSS6AI score
Exploits0References4
nvd
nvd
added 2026/06/25 7:16 p.m.8 views

CVE-2026-56768

Seahub before 13.0.23 does not enforce SHARELINKLOGINREQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory...

8.8CVSS0.00381EPSS
Exploits0References5
osv
osv
added 2026/06/25 6:26 p.m.6 views

GO-2026-5159 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix in github.com/filebrowser/filebrowser

File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix in github.com/filebrowser/filebrowser...

7.2CVSS5.8AI score0.00411EPSS
Exploits0References3
euvd
euvd
added 2026/06/25 6:5 p.m.7 views

EUVD-2026-39520

Seahub before 13.0.23 does not enforce SHARELINKLOGINREQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory...

8.8CVSS5.9AI score0.00381EPSS
Exploits0References5
osv
osv
added 2026/06/25 6:5 p.m.3 views

CVE-2026-56768 Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method

Seahub before 13.0.23 does not enforce SHARELINKLOGINREQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory...

8.7CVSS6AI score0.00381EPSS
Exploits0References8
cvelist
cvelist
added 2026/06/25 6:5 p.m.22 views

CVE-2026-56768 Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method

Seahub before 13.0.23 does not enforce SHARELINKLOGINREQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory...

8.8CVSS0.00381EPSS
Exploits0References5
cve
cve
added 2026/06/25 6:5 p.m.18 views

CVE-2026-56768

Vulnerability summary (CVE-2026-56768) Seahub versions before 13.0.23 fail to enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated access when a folder share-link token is present. An attacker can call the GET endpoint to obtain a fileserver zip token ...

8.8CVSS5.9AI score0.00381EPSS
Exploits0References5
nvd
nvd
added 2026/06/16 8:16 p.m.12 views

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted...

9.3CVSS0.00446EPSS
Exploits0References3
osv
osv
added 2026/06/12 9:0 p.m.14 views

GHSA-5WW9-JG6Q-38R7 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix

Summary A low-privileged authenticated user of filebrowser with create + delete permissions in their own isolated scope can silently destroy share-link records belonging to any other user — including the administrator — by performing a legitimate DELETE on a file in their own directory whose...

7.2CVSS5.5AI score0.00411EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/12 12:0 a.m.13 views

PT-2026-49069

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.6 Description A low-privileged authenticated user with create and delete permissions in their own isolated scope can delete share-link records belonging to any other user, including the administrator. This...

7.2CVSS5.9AI score0.00411EPSS
Exploits0References9
osv
osv
added 2026/06/05 4:20 p.m.6 views

GHSA-HJ85-PH9Q-78JG NocoDB: Stored Cross-Site Scripting via Form View Redirect URL

Summary The shared form-view submit handler in NocoDB writes the form's redirecturl to window.location.href after a same-host check that does not validate the URL scheme. A user with editor role or above on any base can plant a javascript: URL in the form's redirecturl; when an authenticated view...

8.4CVSS5.8AI score0.00234EPSS
Exploits0References3
nvd
nvd
added 2026/05/07 10:16 a.m.19 views

CVE-2026-6805

Vulnerability on the external sharing feature in Cryptobox allows an attacker knowing a sharing link URL to retrieve information from the server allowing an offline brute-force attack of the access code associated to this sharing link...

7.5CVSS0.00232EPSS
Exploits0References1
nvd
nvd
added 2026/04/28 10:16 p.m.11 views

CVE-2026-41649

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS0.00293EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2026/04/28 8:11 p.m.5 views

CVE-2026-41649 Outline has IDOR in document share creation that allows unauthorized access to private documents across workspaces

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS5.3AI score0.00293EPSS
Exploits1References3
euvd
euvd
added 2026/04/28 8:11 p.m.12 views

EUVD-2026-26144

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS5.3AI score0.00293EPSS
Exploits1References3
Rows per page
Query Builder