Lucene search
K

47 matches found

osv
osv
added 2026/06/25 6:26 p.m.2 views

GO-2026-5089 FileBrowser Quantum: unauthenticated user share share info in github.com/gtsteffaniak/filebrowser

FileBrowser Quantum: unauthenticated user share share info in github.com/gtsteffaniak/filebrowser...

5.8AI score0.00052EPSS
Exploits0References2
nvd
nvd
added 2026/06/16 8:16 p.m.12 views

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted...

9.3CVSS0.00446EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/16 6:40 p.m.47 views

CVE-2026-48777 FileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared directory

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted...

9.3CVSS0.00446EPSS
Exploits0References3
cve
cve
added 2026/06/16 6:40 p.m.32 views

CVE-2026-48777

CVE-2026-48777 — FileBrowser Quantum has a path-traversal in the public share PATCH endpoint. Versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta allow an attacker with a public share link that has AllowModify=true to move, copy, or rename files outside the share root by abusing publicPatc...

9.3CVSS5.4AI score0.00446EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/22 12:0 a.m.14 views

PT-2026-47627

Name of the Vulnerable Software and Affected Versions FileBrowser Quantum versions prior to 1.3.3-stable FileBrowser Quantum versions prior to 1.4.2-beta Description Path Traversal is possible through the publicPatchHandler function in backend/http/public.go. The issue occurs because the software...

9.3CVSS5.4AI score0.00446EPSS
Exploits0References9
github
github
added 2026/05/19 8:14 p.m.16 views

FileBrowser Quantum: unauthenticated user share share info

Impact Some sensitive info -- such as source and path can get exposed. Patches Update to the latest version Workarounds no...

5.8AI score0.00052EPSS
Exploits0References3Affected Software2
veracode
veracode
added 2026/05/16 5:27 a.m.13 views

Cross-site Scripting (XSS)

FileBrowser Quantum is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-controlled share metadata fields when rendered in HTML using text/template, which allows an attacker to inject and execute malicious scripts when users visit a shared URL...

8.9CVSS7.3AI score0.00347EPSS
Exploits1References5Affected Software1
redhatcve
redhatcve
added 2026/05/15 7:57 p.m.8 views

CVE-2026-44542

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an...

9.1CVSS5.9AI score0.00523EPSS
Exploits1References1
euvd
euvd
added 2026/05/14 5:7 p.m.13 views

EUVD-2026-30344

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an...

9.1CVSS5.9AI score0.00523EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/05/14 5:7 p.m.7 views

CVE-2026-44542 FileBrowser Quantum: Unauthenticated Path Traversal in Public Share Delete Allows Arbitrary File Deletion

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an...

9.1CVSS5.9AI score0.00523EPSS
Exploits1References1
cve
cve
added 2026/05/14 5:7 p.m.24 views

CVE-2026-44542

CVE-2026-44542 affects FileBrowser Quantum. An attacker-controlled path input is joined with a trusted base path before sanitization, enabling path traversal (e.g., ../) to escape the shared directory. An unauthenticated attacker with a valid public share hash that has delete permissions can dele...

9.1CVSS5.9AI score0.00523EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2026/05/14 12:0 a.m.13 views

FileBrowser Quantum 路径遍历漏洞

FileBrowser Quantum is a file manager developed by Graham Steffaniak. Versions prior to 1.3.1-stable and 1.3.9-beta contained a path traversal vulnerability. This vulnerability stemmed from the concatenation of trusted base paths before path cleaning, which could lead to directory traversal attac...

9.1CVSS5.8AI score0.00523EPSS
Exploits1References2
osv
osv
added 2026/05/07 3:29 a.m.16 views

GHSA-MMPX-JH39-WRV6 FileBrowser Vulnerable to Stored XSS via SVG File in Public Share (Missing CSP Header)

Summary FileBrowser Quantum serves inline SVG files without a Content-Security-Policy header, allowing embedded JavaScript in SVG files to execute when accessed via public share links. Verified on v1.3.0-stable. Affected product - Product: FileBrowser Quantum gtsteffaniak/filebrowser - Verified...

5.4CVSS5.9AI score
Exploits0References3
github
github
added 2026/05/07 3:29 a.m.20 views

FileBrowser Vulnerable to Stored XSS via SVG File in Public Share (Missing CSP Header)

Summary FileBrowser Quantum serves inline SVG files without a Content-Security-Policy header, allowing embedded JavaScript in SVG files to execute when accessed via public share links. Verified on v1.3.0-stable. Affected product - Product: FileBrowser Quantum gtsteffaniak/filebrowser - Verified...

5.9AI score
Exploits0References3Affected Software1
osv
osv
added 2026/03/26 8:33 p.m.3 views

GO-2026-4820 FileBrowser Quantum has Username Enumeration via Authentication Timing Side-Channel in github.com/gtsteffaniak/filebrowser/backend

FileBrowser Quantum has Username Enumeration via Authentication Timing Side-Channel in github.com/gtsteffaniak/filebrowser/backend...

5.9AI score
Exploits0References3
redhatcve
redhatcve
added 2026/03/26 3:3 p.m.12 views

CVE-2026-30934

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, Stored XSS is possible via share metadata fields e.g., title, description that are rendered into HTML for /public/share/ without context-aware escaping. The server uses text/template instead ...

8.9CVSS5.9AI score0.00347EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/26 3:3 p.m.10 views

CVE-2026-30933

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1.3.1-beta and...

7.5CVSS5.8AI score0.00544EPSS
Exploits2References1
susecve
susecve
added 2026/03/25 12:25 a.m.4 views

SUSE CVE-2026-30933

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1.3.1-beta and...

7.5CVSS5.8AI score0.00544EPSS
Exploits2References3
susecve
susecve
added 2026/03/25 12:25 a.m.6 views

SUSE CVE-2026-30934

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, Stored XSS is possible via share metadata fields e.g., title, description that are rendered into HTML for /public/share/ without context-aware escaping. The server uses text/template instead ...

8.9CVSS6AI score0.00347EPSS
Exploits1References3
osv
osv
added 2026/03/24 7:18 p.m.7 views

GHSA-7789-65HX-F26W FileBrowser Quantum has Username Enumeration via Authentication Timing Side-Channel

Summary The /api/auth/login authentication endpoint does not execute in constant time. When a non-existent username is supplied, the server returns a 401/403 response almost immediately. When a valid username is provided, the server performs a bcrypt password comparison, causing a measurable dela...

5.3CVSS5.9AI score
Exploits0References4
Rows per page
Query Builder