CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/28 2:16 p.m.•13 views

CVE-2026-37266

An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows a remote attacker to execute arbitrary code via the forcedownload.php component...

8CVSS0.00334EPSS

CNNVD•added 2026/05/28 12:0 a.m.•10 views

Responsive FileManager 安全漏洞

Responsive FileManager is a free, open-source file manager developed by Alberto Peripolli. Version 9.14.0 of Responsive FileManager contains a security vulnerability. This vulnerability stems from issues with the forcedownload.php component, which could allow remote attackers to execute arbitrary...

8CVSS6.1AI score0.00334EPSS

CVE•added 2026/05/28 12:0 a.m.•14 views

CVE-2026-37266

CVE-2026-37266 : The issue affects Responsive File Manager’s Web application (Version 9.14.0). A vulnerability in the force_download.php component allows a remote attacker to execute arbitrary code. The publicly documented impact is significant (base CVSS v3.1: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H...

8CVSS6.2AI score0.00334EPSS

ATTACKERKB•added 2026/05/28 12:0 a.m.•6 views

CVE-2026-37266

An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows a remote attacker to execute arbitrary code via the forcedownload.php component...

6.2AI score0.00334EPSS

Exploits0References3

Positive Technologies•added 2026/05/28 12:0 a.m.•11 views

PT-2026-44370

An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows a remote attacker to execute arbitrary code via the force download.php component...

6.2AI score0.00334EPSS

Exploits0References3

Cvelist•added 2026/05/28 12:0 a.m.•28 views

CVE-2026-37266

An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows a remote attacker to execute arbitrary code via the forcedownload.php component...

0.00334EPSS

Vulnrichment•added 2026/05/28 12:0 a.m.•8 views

CVE-2026-37266

An issue in Responsive File Manager Responsive FileManager Version 9.14.0 allows a remote attacker to execute arbitrary code via the forcedownload.php component...

6.2AI score0.00334EPSS

Positive Technologies•added 2026/05/21 12:0 a.m.•10 views

PT-2026-42698

Summary When an application using Pydantic AI opts a URL into force download='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack a...

8.6CVSS5.8AI score0.00464EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2007-5703

Malware in sbrugna...

5CVSS6.4AI score0.01505EPSS

Exploits0References5

OSV•added 2022/10/31 7:15 a.m.•2 views

CVE-2022-39023

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

6.5CVSS5.9AI score

NVD•added 2022/10/31 7:15 a.m.•13 views

CVE-2022-39023

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

6.5CVSS0.00884EPSS

NVD•added 2022/10/31 7:15 a.m.•16 views

CVE-2022-39022

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

6.5CVSS0.00884EPSS

Prion•added 2022/10/31 7:15 a.m.•26 views

Path traversal

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

4CVSS6.5AI score0.00884EPSS

Exploits0References1Affected Software1

CVE•added 2022/10/31 6:40 a.m.•55 views

CVE-2022-39023

CVE-2022-39023 concerns U-Office’s Force Download function, where a path traversal vulnerability allows a remote user with general privileges to download arbitrary system files. The NVD description states the vulnerability arises in the download mechanism and can be exploited without user interac...

Exploits0References1Affected Software1

CVE•added 2022/10/31 6:40 a.m.•59 views

CVE-2022-39022

CVE-2022-39022 concerns the U-Office Force Download function, which has a path traversal vulnerability. A remote attacker with general user privileges can exploit this to download arbitrary system files. Public references (NVD/TWCERT) cite a CVSS v3.1 base score of 6.5 (MEDIUM) with NETWORK attac...

Exploits0References1Affected Software1

Positive Technologies•added 2022/10/31 12:0 a.m.•6 views

PT-2022-24678 · U-Office · U-Office

Name of the Vulnerable Software and Affected Versions: U-Office affected versions not specified Description: The U-Office Force Download function contains a path traversal issue. This allows a remote attacker with general user privileges to exploit the issue and download arbitrary system files...

Positive Technologies•added 2022/10/31 12:0 a.m.•6 views

PT-2022-24679 · U-Office · U-Office