Sibsoft Xfilesharing vulnerabilities
2 known vulnerabilities affecting sibsoft/xfilesharing.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-18952P1CRITICALCVSS 9.8ExploitedPoC≤ 2.5.12019-11-13
CVE-2019-18952 [CRITICAL] CVE-2019-18952: SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.
nvd
CVE-2019-18951P2HIGHCVSS 7.5PoC≤ 2.5.12019-11-13
CVE-2019-18951 [HIGH] CWE-22 CVE-2019-18951: SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary fil
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
nvd