6 matches found
CVE-2025-5964
CVE-2025-5964 affects M‑Files Server pre-25.6.14925.0, where a path traversal flaw in the API endpoint lets an authenticated user read server files. Public sources describe the vulnerable component as the API handling file access, with the root cause being traversal in requests to REST endpoints....
CVE-2025-5964 Path traversal in M-Files API
A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server...
CVE-2025-5964 Path traversal in M-Files API
A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server...
CVE-2024-6789 Path traversal in M-Files API
A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files...
CVE-2023-6189
Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods...
CVE-2023-6189
Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods...