Lucene search
K

573 matches found

osv
osv
added 2026/04/08 12:5 a.m.5 views

GHSA-67CG-CPJ7-QGC9 File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

Summary The resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other content-serving endpoints /api/raw, /api/preview, /api/subtitle correctly verify this permission before serving content. A user with download: fals...

5.3CVSS5.9AI score0.00274EPSS
Exploits1References3
github
github
added 2026/04/08 12:5 a.m.7 views

File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

Summary The resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other content-serving endpoints /api/raw, /api/preview, /api/subtitle correctly verify this permission before serving content. A user with download: fals...

7.5CVSS5.9AI score0.00274EPSS
Exploits1References3Affected Software1
euvd
euvd
added 2026/04/08 12:4 a.m.3 views

EUVD-2026-19776

File Browser share links remain accessible after Share/Download permissions are revoked...

8.2CVSS5.9AI score0.00332EPSS
Exploits1References3
github
github
added 2026/04/08 12:4 a.m.11 views

File Browser share links remain accessible after Share/Download permissions are revoked

When an admin revokes a user's Share and Download permissions, existing share links created by that user remain fully accessible to unauthenticated users. The public share download handler does not re-check the share owner's current permissions. Verified with a running PoC against v2.62.2 commit...

8.2CVSS5.9AI score0.00332EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/04/08 12:4 a.m.3 views

GHSA-5Q48-Q4FM-G3M6 File Browser has an access rule bypass via HasPrefix without trailing separator in path matching

Hi, The Matches function in rules/rules.go uses strings.HasPrefix without a trailing directory separator when matching paths against access rules. A rule for /uploads also matches /uploadsbackup/, granting or denying access to unintended directories. Verified against v2.62.2 commit 860c19d. Detai...

6.3CVSS5.8AI score0.00392EPSS
Exploits1References4
euvd
euvd
added 2026/04/08 12:4 a.m.7 views

EUVD-2026-19778

File Browser has an access rule bypass via HasPrefix without trailing separator in path matching...

6.3CVSS5.9AI score0.00392EPSS
Exploits1References3
osv
osv
added 2026/04/08 12:4 a.m.1 views

GHSA-JVPW-637P-H3PW File Browser has a Command Injection via Hook Runner

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

7.5CVSS6AI score0.01922EPSS
Exploits2References4
euvd
euvd
added 2026/04/08 12:4 a.m.4 views

EUVD-2026-19775

File Browser has a Command Injection via Hook Runner...

7.5CVSS5.9AI score0.01922EPSS
Exploits2References3
github
github
added 2026/04/08 12:4 a.m.7 views

File Browser has a Command Injection via Hook Runner

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

7.5CVSS6AI score0.01922EPSS
Exploits2References4Affected Software1
nvd
nvd
added 2026/04/07 5:16 p.m.6 views

CVE-2026-35606

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other...

7.5CVSS0.00274EPSS
Exploits1References1
nvd
nvd
added 2026/04/07 5:16 p.m.3 views

CVE-2026-35604

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, when an admin revokes a user's Share and Download permissions, existing share links created by that user remain fully accessible to...

8.2CVSS0.00332EPSS
Exploits1References2
nvd
nvd
added 2026/04/07 5:16 p.m.5 views

CVE-2026-35605

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the Matches function in rules/rules.go uses strings.HasPrefix without a trailing directory separator when matching paths against access rules. ...

7.5CVSS0.00392EPSS
Exploits1References2
nvd
nvd
added 2026/04/07 5:16 p.m.5 views

CVE-2026-35607

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the fix in commit b6a4fb1 "self-registered users don't get execute perms" stripped Execute permission and Commands from users created via the...

8.8CVSS0.00383EPSS
Exploits1References2
nvd
nvd
added 2026/04/07 5:16 p.m.4 views

CVE-2026-35585

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. From 2.0.0 until 2.33.8, the hook system in File Browser — which executes administrator-defined shell commands on file events such as upload, rename, and delete...

7.5CVSS0.01922EPSS
Exploits2References2
vulnrichment
vulnrichment
added 2026/04/07 4:31 p.m.3 views

CVE-2026-35607 File Browser: Proxy auth auto-provisioned users inherit Execute permission and Commands

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the fix in commit b6a4fb1 "self-registered users don't get execute perms" stripped Execute permission and Commands from users created via the...

8.1CVSS6.1AI score0.00383EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/04/07 4:31 p.m.2 views

CVE-2026-35607

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the fix in commit b6a4fb1 "self-registered users don't get execute perms" stripped Execute permission and Commands from users created via the...

8.1CVSS6.1AI score0.00383EPSS
Exploits1References3Affected Software1
cve
cve
added 2026/04/07 4:31 p.m.14 views

CVE-2026-35607

CVE-2026-35607 affects File Browser. Before version 2.63.1, a fix that prevented execution rights from being inherited by self-registered users was not applied to the proxy authentication path, causing auto-created proxy-auth users on first successful login to inherit Execute permissions and Comm...

8.8CVSS6.1AI score0.00383EPSS
Exploits1References2Affected Software1
attackerkb
attackerkb
added 2026/04/07 4:29 p.m.3 views

CVE-2026-35606

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other...

5.3CVSS5.9AI score0.00274EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2026/04/07 4:29 p.m.2 views

CVE-2026-35606 File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other...

5.3CVSS5.9AI score0.00274EPSS
Exploits1References1
cvelist
cvelist
added 2026/04/07 4:29 p.m.22 views

CVE-2026-35606 File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other...

5.3CVSS0.00274EPSS
Exploits1References1
Rows per page
Query Builder