Lucene search
+L

4 matches found

euvd
euvd
added 2026/01/28 10:24 p.m.7 views

EUVD-2026-4975

Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files to any specified location due to insufficient validation of user‑supplied paths when creating shares. By specifying a writable path within the publ...

10CVSS6.7AI score0.03008EPSS
Exploits3References3
osv
osv
added 2026/01/28 10:24 p.m.8 views

CVE-2026-24897 Authenticated Remote Code Execution via Arbitrary File Upload

Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files to any specified location due to insufficient validation of user‑supplied paths when creating shares. By specifying a writable path within the publ...

10CVSS6.7AI score0.03008EPSS
Exploits3References5
cnnvd
cnnvd
added 2026/01/28 12:0 a.m.9 views

Erugo code issues and vulnerabilities

Erugo is an open-source file sharing platform developed by Erugo. Versions of Erugo 0.2.14 and earlier have code vulnerabilities. These vulnerabilities stem from insufficient path validation when creating shares. This allows low-privilege users to upload arbitrary files to designated locations,...

10CVSS6.3AI score0.03008EPSS
Exploits3References4
ptsecurity
ptsecurity
added 2026/01/28 12:0 a.m.6 views

PT-2026-5235

Name of the Vulnerable Software and Affected Versions Erugo versions up to and including 0.2.14 Description Erugo is a self-hosted file-sharing platform. An authenticated, low-privileged user can upload arbitrary files to any specified location due to insufficient validation of user-supplied path...

10CVSS6.7AI score0.03008EPSS
Exploits3References15
Rows per page
Query Builder