Vulnerabilities > Afian > Filerun > 2019.05.21

DATE CVE VULNERABILITY TITLE RISK
2023-12-06 CVE-2023-28876 Unspecified vulnerability in Afian Filerun
A Broken Access Control issue in comments to uploaded files in Filerun through Update 20220202 allows attackers to delete comments on files uploaded by other users.
network
low complexity
afian
4.3
4.3
2021-10-05 CVE-2021-35504 Injection vulnerability in Afian Filerun
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary.
network
low complexity
afian CWE-74
7.2
7.2
2021-10-05 CVE-2021-35505 Injection vulnerability in Afian Filerun
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.
network
low complexity
afian CWE-74
7.2
7.2
2019-06-20 CVE-2019-12905 Cross-site Scripting vulnerability in Afian Filerun 2019.05.21
FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman&section=do&page=up URI.
network
low complexity
afian CWE-79
6.1
6.1
2019-05-30 CVE-2019-12459 Path Traversal vulnerability in Afian Filerun 2019.05.21
FileRun 2019.05.21 allows customizables/plugins/audio_player Directory Listing.
network
low complexity
afian CWE-22
5.3
5.3
2019-05-30 CVE-2019-12458 Path Traversal vulnerability in Afian Filerun 2019.05.21
FileRun 2019.05.21 allows css/ext-ux Directory Listing.
network
low complexity
afian CWE-22
5.3
5.3
2019-05-30 CVE-2019-12457 Path Traversal vulnerability in Afian Filerun 2019.05.21
FileRun 2019.05.21 allows images/extjs Directory Listing.
network
low complexity
afian CWE-22
5.3
5.3