12 matches found
CVE-2026-27611
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link i...
TinyFileManager Path Traversal Vulnerability
TinyFileManager is a web-based file manager. It is used to store, upload, edit and manage files and folders online through a web browser. TinyFileManager has a path traversal vulnerability that stems from the parameter fullpath in the file tinyfilemanager.php failing to correctly filter special...
Afian Filerun SQL Injection Vulnerability (CNVD-2022-68943)
Afian FileRun is a full-featured web-based file manager. sql injection vulnerability exists in Afian Filerun version 20220202, which stems from a lack of cleanup of the POST parameter metadata in the /?module=fileman§ion=get&page=grid page. An attacker could exploit this vulnerability to cause SQ...
Afian FileRun 注入漏洞
Afian FileRun is a full-featured web-based file manager. A security vulnerability exists in Afian FileRun 2021.03.26 that allows remote code execution...
TinyFileManager Cross-Site Scripting Vulnerability
TinyFileManager is a web-based file manager used to store, upload, edit and manage files and folders online via a web browser. It is used to store, upload, edit and manage files and folders online via a Web browser. A cross-site scripting vulnerability exists in TinyFileManager 2.4.6 and all...
TinyFileManager path traversal vulnerability
TinyFileManager is a web-based file manager used to store, upload, edit and manage files and folders online via a web browser. A path traversal vulnerability exists in TinyFileManager 2.4.6 and all versions below, which stems from the software's lack of validation and escaping of the fullpath...
[SECURITY] [DLA 596-1] extplorer security update
Package : extplorer Version : 2.1.0b6+dfsg.3-4+deb7u4 CVE ID : CVE-2016-4313 It was discovered that there was an archive traversal exploit in eXtplorer, a web-based file manager. The unzip/extract feature allowed for path traversal as decompressed files can be placed outside of the intended targe...
JVN#97099798: eXtplorer vulnerable to cross-site scripting
eXtplorer is a web-based file manager. eXtplorer contains multiple cross-site scripting vulnerabilities. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...
Debian Security Advisory DSA 2882-1 (extplorer - security update)
Multiple cross-site scripting XSS vulnerabilities have been discovered in extplorer, a web file explorer and manager using Ext JS. A remote attacker can inject arbitrary web script or HTML code via a crafted string in the URL to application.js.php, admin.php, copymove.php, functions.php, header.p...
FileExecutive v1.0.0 Multiple Vulnerabilities
Exploit for unknown platform in category web applications ============================================= FileExecutive v1.0.0 Multiple Vulnerabilities ============================================= ============================================================================== » FileExecutive...
FileExecutive File Disclosure / Path Disclosure / Shell Upload
============================================================================== » Thx To : Jiko ,H.Scorpion ,Dr.Bahy ,T3rr0rist ,Golden-z3r0 ,Shr7 Team . ============================================================================== » FileExecutive Multiple Vulnerabilities...
[ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2009-003 - Original release date: March 2nd, 2009 - Last revised: December 17th, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored ============================================= I. VULNERABILITY...