3 matches found
CVE-2026-54414
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint /api/folder/uploadToSharedFolder.php, leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename and REGEXFILENAME, which permit...
EUVD-2026-37993
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint /api/folder/uploadToSharedFolder.php, leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename and REGEXFILENAME, which permit...
PT-2026-50842
Name of the Vulnerable Software and Affected Versions FileRise versions prior to 3.16.0 Description A path traversal issue exists in the shared-folder upload endpoint '/api/folder/uploadToSharedFolder.php'. The FolderController validates the upload filename using basename and REGEX FILE NAME, but...