101 matches found
CVE-2026-54414 FileRise shared-folder upload path traversal allows arbitrary file write and admin takeover
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint /api/folder/uploadToSharedFolder.php, leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename and REGEXFILENAME, which permit...
EUVD-2026-37993
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint /api/folder/uploadToSharedFolder.php, leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename and REGEXFILENAME, which permit...
CVE-2026-54414
CVE-2026-54414 affects FileRise prior to 3.16.0. The vulnerability is a path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php) that enables arbitrary file write and, under certain conditions, administrator account takeover. Root cause: uploaded filenames are va...
CVE-2026-44460
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totpsetup.php is callable from a session that has only passed the password check state pendingloginuser. When the target account already has TOTP configured, the endpoint...
CVE-2026-44460
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totpsetup.php is callable from a session that has only passed the password check state pendingloginuser. When the target account already has TOTP configured, the endpoint...
CVE-2026-44460 FileRise: TOTP Bypass via Setup Endpoint Disclosing Existing Secret
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totpsetup.php is callable from a session that has only passed the password check state pendingloginuser. When the target account already has TOTP configured, the endpoint...
EUVD-2026-32584
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totpsetup.php is callable from a session that has only passed the password check state pendingloginuser. When the target account already has TOTP configured, the endpoint...
PT-2026-44053
Name of the Vulnerable Software and Affected Versions FileRise versions prior to 3.12.0 Description FileRise is a self-hosted web-based file manager. The endpoint '/api/totp setup.php' can be accessed by a session that has only completed the password verification state pending login user. If the...
FileRise 访问控制错误漏洞
FileRise is a lightweight, self-hosted web-based file manager developed by Ryan. Versions of FileRise prior to 3.12.0 contained an access control vulnerability. This vulnerability stemmed from the /api/totpsetup.php endpoint, which could be accessed via a session that only requires password...
CVE-2026-33477
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
CVE-2026-33477
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
CVE-2026-33477 FileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file content
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
CVE-2026-33477 FileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file content
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
EUVD-2026-16277
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
CVE-2026-33477
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
CVE-2026-33477 FileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file content
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint /api/file/snippet.php allows an authenticated user with only readown access to a folder to retrieve snippet content from files upload...
CVE-2026-33070
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to share...
CVE-2026-33071
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...
CVE-2026-33072
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.9.0, a hardcoded default encryption key defaultpleasechangethiskey is used for all cryptographic operations — HMAC token generation, AES config encryption, and session tokens — allowing any unauthenticated attacker...
CVE-2026-33330
FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save...