Lucene search
+L

10 matches found

OSV
OSV
โ€ขadded 4 days agoโ€ข5 views

CVE-2026-61505 Rejetto HFS < 3.2.1 Limited File Disclosure via Path Traversal in lang Parameter

Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through the lang query parameter, permitting a remote unauthenticated attacker to read certain JSON files outside the shared folders. Exploitation is constrained to files matching a narrow naming and format pattern, limiting practical impact...

6.9CVSS6.1AI score0.00452EPSS
Exploits0References5
Vulnrichment
Vulnrichment
โ€ขadded 4 days agoโ€ข3 views

CVE-2026-61501 Rejetto HFS < 3.2.1 Stored XSS in Admin Log Viewer

Rejetto HFS 3.0.0 through 3.2.0 renders log entries in the administration panel as HTML without sanitization. A remote unauthenticated attacker can submit a failed login with a crafted username that is written to the error log and executes JavaScript in an administrator's browser when the logs ar...

6.1CVSS6.3AI score0.00308EPSS
Exploits0References2
Positive Technologies
Positive Technologies
โ€ขadded 4 days agoโ€ข9 views

PT-2026-57841

Name of the Vulnerable Software and Affected Versions Rejetto HFS versions 3.0.0 through 3.2.0 Description The software derives its session-cookie signing key from the non-cryptographic Math.random generator and discloses outputs of this generator to unauthenticated clients during login. A remote...

9.8CVSS6.5AI score0.00747EPSS
Exploits0References6
Packet Storm
Packet Storm
โ€ขadded 2026/02/18 12:0 a.m.โ€ข187 views

๐Ÿ“„ Rejetto HTTP File Server 2.3m Unauthenticated Remote Code Execution

Proof of concept exploit for an unauthenticated remote code execution vulnerability in Rejetto HTTP File Server version 2.3m that leverages template injection...

9.8CVSS6.5AI score0.99485EPSS
Exploits20
GithubExploit
GithubExploit
โ€ขadded 2025/09/16 5:44 p.m.โ€ข265 views

Exploit for Code Injection in Rejetto Http_File_Server

CVE-2014-6287 - Rejetto HTTP File Server RCE Exploit !Rust...

10CVSS8.8AI score0.99323EPSS
Exploits23
Tenable Nessus
Tenable Nessus
โ€ขadded 2025/08/11 12:0 a.m.โ€ข5 views

Rejetto HTTP File Server < 2.3c Remote Code Execution

Rejetto HTTP File Server versions prior to 2.3c, is vulnerable to a remote code execution. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. No source data...

10CVSS8.8AI score0.99323EPSS
Exploits23References2
Positive Technologies
Positive Technologies
โ€ขadded 2024/07/04 12:0 a.m.โ€ข9 views

PT-2024-28745 ยท Rejetto ยท Rejetto Hfs

Name of the Vulnerable Software and Affected Versions: rejetto HFS aka HTTP File Server versions 3 before 0.52.10 Description: The issue allows OS command execution by remote authenticated users who have Upload permissions. This occurs because a shell is used to execute df with execSync instead o...

9.9CVSS7.2AI score0.48477EPSS
Exploits1References29
VulnCheck KEV
VulnCheck KEV
โ€ขadded 2024/06/28 12:0 a.m.โ€ข6 views

VulnCheck KEV: CVE-2024-23692

Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request...

9.8CVSS5.9AI score0.99485EPSS
Exploits20References1
CNNVD
CNNVD
โ€ขadded 2024/05/31 12:0 a.m.โ€ข4 views

Rejetto HTTP File Server ๅฎ‰ๅ…จๆผๆดž

Rejetto HTTP File Server Rejetto HFS is an HTTP file server from Rejetto. A template injection vulnerability exists in Rejetto HTTP File Server version 2.3m and earlier, which arises from an application that uses unfiltered user input as template parameters when rendering dynamic content, and can...

9.8CVSS9.7AI score0.99485EPSS
Exploits20References4
Positive Technologies
Positive Technologies
โ€ขadded 2014/10/07 12:0 a.m.โ€ข9 views

PT-2014-7131 ยท Rejetto ยท Rejetto Http File Server

Name of the Vulnerable Software and Affected Versions: Rejetto HTTP File Server versions 2.3x prior to 2.3c Description: The issue allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. This is due to a problem in the findMacroMarker function in parserLib.pas...

10CVSS7.7AI score0.99323EPSS
Exploits23References16
Rows per page
Query Builder