3 matches found
CVE-2025-52900
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...
CVE-2025-52900 File Browser has Insecure File Permissions
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...
CVE-2025-52900
Summary: CVE-2025-52900 affects the File Browser project. On servers running versions prior to 2.33.7, the application does not explicitly set permissions for uploaded/created files and its database, so file access is governed by the system umask. This can allow all OS accounts on the server to r...