
Error311 Filerise vulnerabilities

14 known vulnerabilities affecting error311/filerise.

Total CVEs: 14
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 8, MEDIUM 5

Vulnerabilities

CVE-2026-54414 | P2 | CRITICAL | CVSS 9.8 | CWE-22 | fixed in 3.16.0 | 2026-06-19
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php), leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename() and REGEX_FILE_NAME, which permit URL-encoded sequences (the regex blocks / and \
Source: NVD
CVE-2026-33071 | P2 | HIGH | CVSS 8.8 | CWE-434 | fixed in 3.8.0 | 2026-03-20
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In non-default deployments lacking Apache's LocationMatch protec
Source: NVD
CVE-2026-33329 | P3 | HIGH | CVSS 8.1 | CWE-22 | affected versions >= 1.0.1, < 3.10.0 | 2026-03-24
FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler (UploadModel::handleUpload()) is concatenated directly into filesystem paths without any sanitization. An authenticated user with upload permission can exploit this to writ
Source: NVD
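The three entries above share one root cause: a client-supplied string (a shared-folder upload filename, a WebDAV filename, a Resumable.js chunk identifier) reaches the filesystem after a check that is too weak. What follows is an example added for this page, not FileRise's own code. The constant names, the extension allow list, the regexes and the demo directory are hypothetical stand-ins for the FolderController/REGEX_FILE_NAME check and the handleUpload() path handling the advisories describe. It shows why basename() plus a regex that only blocks raw separators accepts a percent-encoded traversal and a .phtml or .htaccess name, and what a hardened component check, extension allow list and directory containment look like:

```php
<?php
// Added example for this page, not FileRise code. Contrasts a weak upload-name
// check of the kind described in CVE-2026-54414 / CVE-2026-33071 with a
// hardened one, and pins a chunk identifier to a fixed alphabet (CVE-2026-33329).
// Every name and constant below is a hypothetical stand-in.
declare(strict_types=1);

// Weak check: drop directories with basename(), then accept anything without a
// raw slash or backslash. "..%2F..%2Fx" and ".htaccess" both pass.
const WEAK_REGEX_FILE_NAME = '/^[^\/\\\\]+$/';

function weak_upload_name(string $name): ?string
{
    $name = basename($name);
    return preg_match(WEAK_REGEX_FILE_NAME, $name) === 1 ? $name : null;
}

// Hardened single-component check: no percent signs (so nothing downstream can
// decode the name into something different), no separators or control bytes,
// no dot segments, bounded length.
function safe_component(string $name): ?string
{
    if ($name === '' || strlen($name) > 255) return null;
    if (strpos($name, '%') !== false) return null;
    if (preg_match('/[\x00-\x1f\x7f\/\\\\]/', $name) === 1) return null;
    if ($name === '.' || $name === '..') return null;
    return $name;
}

// Allow list, not a deny list: .phtml, .php5 and friends are simply absent, and
// dot-files such as .htaccess have no stem and are refused outright.
const ALLOWED_EXTENSIONS = ['txt', 'pdf', 'png', 'jpg', 'jpeg', 'gif', 'zip'];

function safe_upload_name(string $name): ?string
{
    $name = safe_component($name);
    if ($name === null) return null;
    $dot = strrpos($name, '.');
    if ($dot === false || $dot === 0 || $dot === strlen($name) - 1) return null;
    $ext = strtolower(substr($name, $dot + 1));
    return in_array($ext, ALLOWED_EXTENSIONS, true) ? $name : null;
}

// Chunk identifiers never need arbitrary text: pin them to a short alphabet
// instead of trying to sanitise whatever the client sent.
function safe_chunk_identifier(string $id): ?string
{
    return preg_match('/^[A-Za-z0-9_-]{1,128}$/', $id) === 1 ? $id : null;
}

// Last line of defence: the destination's parent directory must resolve to the
// share root or a directory beneath it. realpath() needs an existing path, so
// resolve the directory, never the not-yet-written file.
function resolve_destination(string $root, string $folder, string $name): ?string
{
    $name = safe_upload_name($name);
    $rootReal = realpath($root);
    $dirReal  = realpath($root . '/' . $folder);
    if ($name === null || $rootReal === false || $dirReal === false) return null;
    $inside = $dirReal === $rootReal
        || strpos($dirReal, $rootReal . DIRECTORY_SEPARATOR) === 0;
    return $inside ? $dirReal . DIRECTORY_SEPARATOR . $name : null;
}

// Constructed probes: one benign name, one encoded traversal, three executable types.
$probes = ['report.pdf', '..%2F..%2Fusers%2Fadmin.json', '.htaccess', 'shell.phtml', 'x.php5'];
foreach ($probes as $p) {
    printf("%-32s weak=%-32s hardened=%s\n", $p,
        var_export(weak_upload_name($p), true),
        var_export(safe_upload_name($p), true));
}

// Directory containment, using a throw-away root under the temp dir.
$root = sys_get_temp_dir() . '/share_root_demo';
@mkdir($root . '/team', 0700, true);
var_dump(resolve_destination($root, 'team', 'report.pdf'));   // inside the root
var_dump(resolve_destination($root, '../..', 'report.pdf'));  // folder climbs out of the root
var_dump(safe_chunk_identifier('../../x'));                   // identifier with separators
```

Run it with `php` from the command line. weak_upload_name() accepts every probe, because basename() leaves a name without raw separators untouched and the regex sees none; safe_upload_name() accepts only report.pdf. Two design points matter: the hardened check refuses a name containing `%` instead of decoding it, since any decoder downstream can otherwise turn `%2F` back into a separator; and containment is checked on the resolved parent directory, because realpath() returns false for a file that does not exist yet.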
CVE-2025-62509 | P3 | HIGH | CVSS 8.1 | CWE-280 | fixed in 1.4.0 | 2025-10-20
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to version 1.4.0, a business logic flaw in FileRise's file/folder handling allows low-privilege users to perform unauthorized operations (view/delete/modify) on files created by other users. The root cause was inferring ownership/visibility fr
Source: NVD
CVE-2025-62510 | P3 | HIGH | CVSS 8.1 | CWE-280 | affected version = 1.4.0 | 2025-10-20
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression allowed folder visibility/ownership to be inferred from folder names. Low-privilege users could see or interact with folders matching their username and, in some cases, other users' content. This issue has been patched
Source: NVD
CVE-2026-25231 | P3 | HIGH | CVSS 7.5 | CWE-284 | fixed in 3.3.0 | 2026-02-09
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to the lack of access control on the /uploads directory. Files uploaded to this directory can be accessed directly by any user who knows or can guess the file path, without requiring authenticatio
Source: NVD
CVE-2026-33072 | P3 | HIGH | CVSS 7.5 | CWE-798 | fixed in 3.9.0 | 2026-03-20
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.9.0, a hardcoded default encryption key (default_please_change_this_key) is used for all cryptographic operations (HMAC token generation, AES config encryption, and session tokens), allowing any unauthenticated attacker to forge upload tokens for arbitrary file upload t
Source: NVD
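A hardcoded key turns an HMAC from an authenticator into a checksum: anyone who has read the source can mint a token the server accepts. The example below is added for this page and is not FileRise's code. The token layout, the function names and the key-file location are hypothetical; only the default key string is the one quoted in the advisory. It shows the forgery succeeding against a server that kept the default, and a start-up guard that refuses such a key and generates a per-install secret instead:

```php
<?php
// Added example for this page, not FileRise code. Shows why a key shipped as a
// default makes HMAC upload tokens forgeable by anyone who has read the source
// (CVE-2026-33072), and a start-up guard against running with such a key.
// The token layout, function names and key-file path are hypothetical; only
// the default key string is the one quoted in the advisory.
declare(strict_types=1);

const DEFAULT_KEY = 'default_please_change_this_key';

// Hypothetical token: base64(JSON claims) . '.' . hex(HMAC-SHA256(claims, key)).
function issue_upload_token(string $key, string $user, string $folder, int $expires): string
{
    $payload = json_encode(['u' => $user, 'f' => $folder, 'exp' => $expires], JSON_THROW_ON_ERROR);
    return base64_encode($payload) . '.' . hash_hmac('sha256', $payload, $key);
}

function verify_upload_token(string $key, string $token, int $now): ?array
{
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2) return null;
    $payload = base64_decode($parts[0], true);
    if ($payload === false) return null;
    // Constant-time comparison; the MAC is the only thing binding the claims to the server.
    if (!hash_equals(hash_hmac('sha256', $payload, $key), $parts[1])) return null;
    $claims = json_decode($payload, true);
    if (!is_array($claims) || (int) ($claims['exp'] ?? 0) < $now) return null;
    return $claims;
}

// Start-up guard: load a per-install secret from a file outside the web root,
// create it from CSPRNG bytes on first run, and refuse a default or short key.
function load_or_create_key(string $path): string
{
    if (is_file($path)) {
        $key = trim((string) file_get_contents($path));
    } else {
        $key = bin2hex(random_bytes(32));
        file_put_contents($path, $key, LOCK_EX);
        chmod($path, 0600);
    }
    if ($key === DEFAULT_KEY || strlen($key) < 32) {
        throw new RuntimeException('refusing to start: default or weak encryption key');
    }
    return $key;
}

// The attacker needs no session: the key is public, so they mint their own
// token for a target the server will trust (constructed claims).
$forged = issue_upload_token(DEFAULT_KEY, 'admin', '/', time() + 3600);

// Server A never changed the default.
$serverKeyA = DEFAULT_KEY;
printf("default key accepts forged token: %s\n",
    verify_upload_token($serverKeyA, $forged, time()) !== null ? 'yes' : 'no');

// Server B runs the guard; the same forged token is checked against a key the
// attacker has never seen.
$serverKeyB = load_or_create_key(sys_get_temp_dir() . '/filerise_demo.key');
printf("per-install key accepts forged token: %s\n",
    verify_upload_token($serverKeyB, $forged, time()) !== null ? 'yes' : 'no');
```

One caveat for operators of existing installs: the advisory says the same key also performs AES config encryption and signs session tokens, so rotating it invalidates existing sessions and makes config encrypted under the old key unreadable until it is re-encrypted under the new one. Plan the rotation rather than just deleting the old value.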
CVE-2026-44460 | P3 | HIGH | CVSS 7.4 | CWE-200 | fixed in 3.12.0 | 2026-05-27
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totp_setup.php is callable from a session that has only passed the password check (state pending_login_user). When the target account already has TOTP configured, the endpoint decrypts and returns the user's existing TOTP secre
Source: NVD
CVE-2026-33330 | P3 | HIGH | CVSS 7.1 | CWE-863 | fixed in 3.10.0 | 2026-03-24
FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save callback to overwrite that file with attacker-controlled co
Source: NVD
CVE-2026-33070 | P4 | MEDIUM | CVSS 4.8 | CWE-306 | fixed in 3.8.0 | 2026-03-20
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to shared file access. The POST /api/file/deleteShareLink.php
Source: NVD
CVE-2025-68116 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | fixed in 2.7.1 | 2025-12-16
FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 2.7.1 are vulnerable to Stored Cross-Site Scripting (XSS) due to unsafe handling of browser-renderable user uploads when served through the sharing and download endpoints. An attacker who can get a crafted SVG (primary) or HTML (secondary) file stored in a FileRise instance
Source: NVD
CVE-2026-25230 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | fixed in 3.3.0 | 2026-02-09
FileRise is a self-hosted web file manager / WebDAV server. Prior to 3.3.0, an HTML Injection vulnerability allows an authenticated user to modify the DOM and add e.g. form elements that call certain endpoints or link elements that redirect the user on active interaction. This vulnerability is fixed in 3.3.0.
Source: NVD
CVE-2025-66403 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | fixed in 2.2.3 | 2025-12-01
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 2.2.3, a stored cross-site scripting (XSS) vulnerability exists in the Filerise application due to improper handling of uploaded SVG files. The application accepts user-supplied SVG uploads without sanitizing or restricting embedded script
Source: NVD
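CVE-2025-66403 and CVE-2025-68116 are the same failure seen twice, a browser-renderable upload (SVG first, HTML second) served inline in the application's origin, and CVE-2026-25231 above is what happens when the web server hands out uploads with no application check at all. The download handler below is an example added for this page, not FileRise's code; the session shape, the share table, the storage path and the response layout are hypothetical. It keeps uploads outside the document root behind an access check and refuses to serve active content inline, deciding on both the sniffed type and the extension so a renamed or mis-sniffed SVG is treated the same way:

```php
<?php
// Added example for this page, not FileRise code. A download handler shaped to
// address entries above: uploads live outside the document root and are
// reachable only through an access check (cf. CVE-2026-25231), and
// browser-renderable uploads are never served inline in the application origin
// (cf. CVE-2025-66403 and CVE-2025-68116). The session shape, the share table
// and the storage path are hypothetical.
declare(strict_types=1);

// Types and extensions a browser would run script from if rendered in our origin.
const ACTIVE_MIME = ['image/svg+xml', 'text/html', 'application/xhtml+xml', 'text/xml', 'application/xml'];
const ACTIVE_EXT  = ['svg', 'html', 'htm', 'xhtml', 'xml'];

// Constructed share table: token => the one relative path it grants.
const SHARES = ['tok_abc123' => 'team/plan.svg'];

function client_may_read(array $session, ?string $shareToken, string $relPath): bool
{
    if (!empty($session['user'])) return true;                 // logged in
    return $shareToken !== null && (SHARES[$shareToken] ?? null) === $relPath;
}

function content_disposition(string $kind, string $name): string
{
    $ascii = preg_replace('/[^\x20-\x7e]|["\\\\]/', '_', $name);
    return sprintf("%s; filename=\"%s\"; filename*=UTF-8''%s", $kind, $ascii, rawurlencode($name));
}

// Returns [status, headers, absolute file path or null]; the caller emits them.
function build_download_response(string $storageRoot, array $session, ?string $shareToken, string $relPath): array
{
    if (!client_may_read($session, $shareToken, $relPath)) {
        return [403, [], null];
    }
    // Containment: the resolved file must sit below the storage root.
    $root = realpath($storageRoot);
    $file = $root === false ? false : realpath($root . '/' . $relPath);
    if ($file === false || !is_file($file) || strpos($file, $root . DIRECTORY_SEPARATOR) !== 0) {
        return [404, [], null];
    }
    $mime = mime_content_type($file) ?: 'application/octet-stream';
    $ext  = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    $name = basename($file);
    $headers = [
        'X-Content-Type-Options'  => 'nosniff',
        'Content-Security-Policy' => "default-src 'none'; sandbox",
        'Cache-Control'           => 'private, no-store',
    ];
    if (in_array($mime, ACTIVE_MIME, true) || in_array($ext, ACTIVE_EXT, true)) {
        // Active content: force a download under a non-renderable type.
        $headers['Content-Type']        = 'application/octet-stream';
        $headers['Content-Disposition'] = content_disposition('attachment', $name);
    } else {
        $headers['Content-Type']        = $mime;
        $headers['Content-Disposition'] = content_disposition('inline', $name);
    }
    return [200, $headers, $file];
}

// Demo storage under the temp dir with one constructed hostile upload: an SVG
// carrying a script, the shape described in CVE-2025-66403.
$root = sys_get_temp_dir() . '/filerise_demo_storage';
@mkdir($root . '/team', 0700, true);
file_put_contents($root . '/team/plan.svg',
    '<svg xmlns="http://www.w3.org/2000/svg"><script>alert(document.cookie)</script></svg>');

$cases = [
    ['anonymous, no token',          [],                null,         'team/plan.svg'],
    ['anonymous, matching token',    [],                'tok_abc123', 'team/plan.svg'],
    ['anonymous, token, other path', [],                'tok_abc123', 'team/other.png'],
    ['logged in, traversal',         ['user' => 'bob'], null,         '../../../etc/passwd'],
];
foreach ($cases as [$label, $session, $token, $path]) {
    [$status, $headers, $file] = build_download_response($root, $session, $token, $path);
    printf("%-30s -> %d  %s\n", $label, $status,
        $status === 200 ? $headers['Content-Type'] . '; ' . $headers['Content-Disposition'] : '');
}
```

The storage root is the important structural choice: a directory under the document root is one misconfigured Apache block away from being served raw, whereas a directory outside it can only be read through this function. The CSP `sandbox` directive is a second line for the inline branch; it costs nothing for images and PDFs and, if a type ever slips through the active-content test, keeps a rendered document script-free and origin-less.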
CVE-2026-33477 | P4 | MEDIUM | CVSS 4.3 | CWE-863 | affected versions >= 2.3.7, < 3.11.0 | 2026-03-26
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versions 2.3.7 through 3.10.0, the file snippet endpoint `/api/file/snippet.php` allows an authenticated user with only `read_own` access to a folder to retrieve snippet content from files uploaded by other users in the same folder. This is a s
Source: NVD