Lucene search
K

6 matches found

NVD
NVD
added 2026/03/13 7:54 p.m.6 views

CVE-2026-30943

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the...

4.1CVSS0.00179EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/13 7:7 p.m.5 views

CVE-2026-30943

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the...

4.1CVSS5.8AI score0.00179EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/13 6:56 p.m.5 views

GHSA-J6JP-78W8-34X6 Gokapi vulnerable to Privilege Escalation in File Replace

Summary An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the deleteNewFile flag, bypassing the requirement for UserPermDeleteOtherUploads. Impact Any authenticated user...

4.1CVSS5.8AI score0.00179EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/13 6:56 p.m.8 views

Gokapi vulnerable to Privilege Escalation in File Replace

Summary An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the deleteNewFile flag, bypassing the requirement for UserPermDeleteOtherUploads. Impact Any authenticated user...

4.1CVSS5.8AI score0.00179EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/08/29 11:39 p.m.3 views

SUSE CVE-2024-52284

Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials or other secrets...

7.7CVSS6.7AI score0.00217EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2010/07/17 12:0 a.m.23 views

EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow

!/usr/bin/python import socket,sys Tested on XP Pro SP2 Eng and XP Pro SP3 Eng print """ Easy FTP Server v1.7.0.11 LIST Remote BoF Exploit Post Authentication Author / Discovered by : Karn Ganeshen Date : July 5, 2010 KarnGaneshen aT gmail d0t com http://ipositivesecurity.blogspot.com """ if...

7.4AI score
Exploits0
Rows per page
Query Builder