Vulnerabilities > Afian > Filerun > 2015.01.01
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-06 | CVE-2023-28876 | Unspecified vulnerability in Afian Filerun A Broken Access Control issue in comments to uploaded files in Filerun through Update 20220202 allows attackers to delete comments on files uploaded by other users. | 4.3 |
| 2021-10-05 | CVE-2021-35504 | Injection vulnerability in Afian Filerun Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary. | 7.2 |
| 2021-10-05 | CVE-2021-35505 | Injection vulnerability in Afian Filerun Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary. | 7.2 |
| 2018-03-06 | CVE-2018-7735 | SQL Injection vulnerability in Afian Filerun Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata§ion=cpanel&page=list_filetypes request. | 7.2 |
| 2018-03-06 | CVE-2018-7734 | SQL Injection vulnerability in Afian Filerun Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users§ion=cpanel&page=list request. | 7.2 |