6 matches found
CVE-2026-30943
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the...
CVE-2026-30943
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the...
GHSA-J6JP-78W8-34X6 Gokapi vulnerable to Privilege Escalation in File Replace
Summary An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the deleteNewFile flag, bypassing the requirement for UserPermDeleteOtherUploads. Impact Any authenticated user...
Gokapi vulnerable to Privilege Escalation in File Replace
Summary An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the deleteNewFile flag, bypassing the requirement for UserPermDeleteOtherUploads. Impact Any authenticated user...
SUSE CVE-2024-52284
Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials or other secrets...
EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow
!/usr/bin/python import socket,sys Tested on XP Pro SP2 Eng and XP Pro SP3 Eng print """ Easy FTP Server v1.7.0.11 LIST Remote BoF Exploit Post Authentication Author / Discovered by : Karn Ganeshen Date : July 5, 2010 KarnGaneshen aT gmail d0t com http://ipositivesecurity.blogspot.com """ if...