4 matches found
CVE-2026-48777
CVE-2026-48777 — FileBrowser Quantum has a path-traversal in the public share PATCH endpoint. Versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta allow an attacker with a public share link that has AllowModify=true to move, copy, or rename files outside the share root by abusing publicPatc...
CVE-2026-32758 File Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination Parameter
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler http/resource.go. The destination path in resourcePatchHandler is...
CVE-2026-32758 File Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination Parameter
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler http/resource.go. The destination path in resourcePatchHandler is...
The vulnerability of the `git_config_copy_or_rename_section_in_file` function in the `config.c` file of a distributed version control system like Git allows a attacker to execute arbitrary code.
The vulnerability of the gitconfigcopyorrenamesectioninfile function in the distributed version control system Git’s config.c file is related to insufficient neutralization of special elements in the request. Exploiting this vulnerability could allow an attacker to execute arbitrary code...