CVE-2025-27145 copyparty renders unsanitized filenames as HTML when user uploads empty files

copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execu...

fkey[v0.0.2]: local/remote file accessibility exploit.

nothing major, just killing some time and strolled across this project on freshmeat. original version: http://fakehalo.us/xfkey.c --------------------- exploit: xfkey.c ---------------------- / fkeyv0.0.2: local/remote file accessibility exploit. by: vade79/v9 [email protected] fakehalo/realhalo...

fkey <= 0.0.2 Local File Accessibility Exploit

Exploit for linux platform in category local exploits ============================================== fkey /savefilename bug: fkey is a finger-like daemon for accessing remote files in a specified directory. there is no limitations placed on the file acessing other than it must be a filename/path...