Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
filerun vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-12457
FileRun 2019.05.21 allows images/extjs Directory Listing. This issue has been fixed in FileRun 2019.06.01.
Afian Filerun
1 Github repository
445
VMScore
CVE-2019-12458
FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01.
Afian Filerun
1 Github repository
578
VMScore
CVE-2021-35505
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.
Afian Filerun
NA
CVE-2023-28875
A Stored XSS issue in shared files download terms in Filerun Update 20220202 allows malicious users to inject JavaScript code that is executed when a user follows the crafted share link.
Afian Filerun 2022.02.02
578
VMScore
CVE-2022-30469
In Afian Filerun 20220202, lack of sanitization of the POST parameter "metadata[]" in `/?module=fileman§ion=get&page=grid` leads to SQL injection.
Afian Filerun 2022.02.02
668
VMScore
CVE-2022-30470
In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.
Afian Filerun 2022.02.02
383
VMScore
CVE-2021-35503
Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.
Afian Filerun 2021.03.26
383
VMScore
CVE-2021-35506
Afian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action.
Afian Filerun 2021.03.26
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2