Lucene search
K

11 matches found

CVE
CVE
added 2026/06/25 5:35 p.m.22 views

CVE-2026-54096

File Browser exposes a vulnerability: an authenticated user can create a public share for a path that does not yet exist, and that share becomes valid later when a file is created at that path, potentially exposing future files via GET /api/public/dl/. The issue is triggered by POST /api/share/, ...

8.4CVSS6AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.13 views

PT-2026-49068

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.7 Description An authenticated user can create a public share for an arbitrary path that does not yet exist. The system stores the share record without verifying the file's existence. Consequently, if a file...

8.4CVSS6AI score0.00175EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/11 9:10 p.m.12 views

EUVD-2026-29333

Outline is a service that allows for collaborative documentation. Prior to 1.7.0, the shares.create API accepts both collectionId and documentId simultaneously and, when published=false, only verifies read access for each—skipping the "share" permission check. A subsequent shares.update authorize...

6.5CVSS5.9AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2026/04/28 8:11 p.m.3 views

CVE-2026-41649 Outline has IDOR in document share creation that allows unauthorized access to private documents across workspaces

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS5.9AI score0.00293EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.9 views

PT-2026-26891

NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new shar...

6.9CVSS6.1AI score0.00191EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.9 views

Erugo code issues and vulnerabilities

Erugo is an open-source file sharing platform developed by Erugo. Versions of Erugo 0.2.14 and earlier have code vulnerabilities. These vulnerabilities stem from insufficient path validation when creating shares. This allows low-privilege users to upload arbitrary files to designated locations,...

10CVSS6.3AI score0.03008EPSS
Exploits3References4
Vulnrichment
Vulnrichment
added 2025/04/15 12:0 a.m.8 views

CVE-2025-28142

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare...

8.1AI score0.07945EPSS
Exploits1References2
Code423n4
Code423n4
added 2023/11/17 12:0 a.m.7 views

Require statement will allow WhitlistedShareCreators to create a share when share Creation is Restricted

Lines of code Vulnerability details Impact Sharecreators can create new shares even when share creation is restricted. Proof of Concept 1. owner restricts share creation. function restrictShareCreationbool isRestricted external onlyOwner requireshareCreationRestricted != isRestricted, "State...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/17 12:0 a.m.11 views

Creator can earn holder fee

Lines of code Vulnerability details Impact Creator can earn creator and holder as well. Proof of Concept In market.sol contract there is a buy function which cannot be used by creator of share. requireshareDataid.creator != msg.sender, "Creator cannot buy"; However, it's still possible for creato...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/03/30 12:0 a.m.5 views

Nextcloud 安全特征问题漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a security signature issue vulnerability that stems from the weak complexity of the backup password generated when creating a share,...

7.5CVSS7.1AI score0.0054EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/05/14 12:8 p.m.56 views

Moderate: Red Hat Security Advisory: openstack-manila security update

An update for openstack-manila is now available for Red Hat OpenStack Platform 16 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS7.2AI score0.01153EPSS
Exploits1References3
Rows per page
Query Builder