Page 3 of 14 results (0.002 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2

FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01. FileRun hasta el 21-05-2019, permite lista de directorios (Directory Listing) de css/ext-ux. Este problema se ha solucionado en FileRun 01.06.2019. • https://emreovunc.com/blog/en/FileRun-DirectoryListing-2.png https://filerun.com/changelog https://github.com/EmreOvunc/FileRun-Vulnerabilities https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2

FileRun 2019.05.21 allows images/extjs Directory Listing. This issue has been fixed in FileRun 2019.06.01. FileRun hasta el 21-05-2019, permite lista de directorios (Directory Listing) de images/extjs. Este problema se ha solucionado en FileRun 01.06.2019. • https://emreovunc.com/blog/en/FileRun-DirectoryListing-1.png https://filerun.com/changelog https://github.com/EmreOvunc/FileRun-Vulnerabilities https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users&section=cpanel&page=list request. Afian FileRun (en versiones anteriores a la 2018.02.13) sufre de una vulnerabilidad de inyección SQL remota al iniciar sesión como superusuario mediante el parámetro search en una petición /?module=userssection=cpanelpage=list. • http://www.filerun.com/changelog https://feedback.filerun.com/communities/1/topics/189-critical-security-update-available https://www.scanfsec.com/FileRun_2017_09_25_Blind_SQL.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata&section=cpanel&page=list_filetypes request. Afian FileRun (en versiones anteriores a la 2018.02.13) sufre de una vulnerabilidad de inyección SQL remota al iniciar sesión como superusuario mediante el parámetro search en una petición /?module=metadatasection=cpanelpage=list_filetypes. • http://www.filerun.com/changelog https://feedback.filerun.com/communities/1/topics/189-critical-security-update-available https://www.scanfsec.com/FileRun_2017_09_25_Blind_SQL.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •