2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the shares feature when a single file is shared inside a folder and either the FTP or SFTP server is enabled and publicly accessible. An attacker can gain unauthorized read access to other files within the sam...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the shr global-option. An attacker can access unauthorized sibling files within a shared folder by guessing their filenames. Remediation Upgrade copyparty to version 1.19.8 or higher. References - GitHub Commit...