Lucene search
K

8 matches found

GithubExploit
GithubExploit
added 2026/04/14 12:11 p.m.117 views

Exploit for CVE-2026-35585

CVE-2026-35585: File Browser OS Command Injection PoC Desc...

7.5CVSS6.2AI score0.01922EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2026/03/19 11:31 p.m.6 views

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating that the value is...

5.3CVSS5.9AI score0.01903EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/19 11:31 p.m.19 views

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

5.3CVSS0.01903EPSS
Exploits1References2
OSV
OSV
added 2026/03/19 11:31 p.m.3 views

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating that the value is...

5.3CVSS6.1AI score0.01903EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/03/16 8:43 p.m.9 views

File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

8.1CVSS6.7AI score0.01903EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.13 views

PT-2026-25857

Name of the Vulnerable Software and Affected Versions File Browser versions 2.61.2 and below Description File Browser has a flaw in its handling of TUS resumable uploads. The software parses the 'Upload-Length' header as a signed 64-bit integer without verifying that the value is non-negative. Th...

9.9CVSS6.3AI score0.02502EPSS
Exploits18References151
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload The session resources are used by FW and driver when session is offloaded, once session is uploaded these resources are not used. The lock is not required as...

5.5CVSS6.7AI score0.00215EPSS
Exploits0References4
CNVD
CNVD
added 2018/04/18 12:0 a.m.2 views

Arbitrary File Deletion Vulnerability in BageCms

BageCms is a multi-functional open source web content management system based on php5+mysql5 development. bagecms exists arbitrary file deletion vulnerability. The vulnerability stems from the background after uploading files , delete cached files when the parameter oAttach controllable , resulti...

7AI score
Exploits0
Rows per page
Query Builder