CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2023-3784 – Dooblou WiFi File Explorer cross site scripting
https://notcve.org/view.php?id=CVE-2023-3784
A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched remotely. • https://seclists.org/fulldisclosure/2023/Jul/37 https://vuldb.com/?ctiid.235051 https://vuldb.com/?id.235051 https://www.vulnerability-lab.com/get_content.php?id=2317 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 1CVE-2020-23058
https://notcve.org/view.php?id=CVE-2020-23058
An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data. Un problema en el mecanismo de autenticación en Nong Ge File Explorer versión v1.4, permite un acceso no autenticado a datos confidenciales • https://cwe.mitre.org/data/definitions/287.html https://www.vulnerability-lab.com/get_content.php?id=2219 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7998
https://notcve.org/view.php?id=CVE-2020-7998
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service. Se ha detectado una vulnerabilidad de carga de archivo arbitraria en la aplicación Super File Explorer versión 1.0.1 para iOS. La vulnerabilidad se presenta en la ruta del desarrollador que es accesible y oculta al lado de la ruta root. • https://apps.apple.com/us/app/super-file-explorer-file-viewer-file-manager/id1101973946 https://gist.github.com/adeshkolte/9e60b2483d2f20d1951beac0fc917c6f • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-2079
https://notcve.org/view.php?id=CVE-2014-2079
X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. X File Explorer (también conocido como xfe) podría permitir que usuarios locales omitan las restricciones de acceso planeadas y obtengan acceso a archivos arbitrarios aprovechando el error a la hora de emplear máscaras de directorio al crear archivos en las comparticiones Samba y NFS. • http://www.openwall.com/lists/oss-security/2014/02/24/5 http://www.securityfocus.com/bid/65748 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536 https://bugzilla.redhat.com/show_bug.cgi?id=1069066 https://exchange.xforce.ibmcloud.com/vulnerabilities/91519 • CWE-264: Permissions, Privileges, and Access Controls •