2 matches found
GO-2026-5691 File Browser has a DoS Vulnerability via Public Login API in github.com/filebrowser/filebrowser
File Browser has a DoS Vulnerability via Public Login API in github.com/filebrowser/filebrowser...
CVE-2026-40485 ChurchCRM: Username Enumeration via Differential Response in Public Login API
ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the public API login endpoint /api/public/user/login returns distinguishable HTTP response codes based on whether a username exists: 404 for non-existent users and 401 for valid users with incorrect passwords. An...