CVE-2026-33477

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...

[Full-disclosure] JBoss jBPM 2.0: Remote code execution and classloader covert channel

Security Advisory: jBPM 2.0 Date: 06/22/05 URL: http://www.illegalaccess.org/java/jbpm.php " JBoss jBPM is a flexible, extensible workflow management system." jbpm.org Problem 1: Remote code execution possible with jBPM . This allows an attacker to trigger an arbitrary executable on the jBPM/ JBo...