Error311 Filerise
13 CVEs affecting Error311 Filerise. Latest disclosed: 2026-05-27. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-68116 | High | 8.9 | 2025-12-16 | FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 2.7.1 are vulnerable to Stored Cross-Site Scripting (XSS) due to unsafe handling… |
CVE-2026-33072 | High | 8.2 | 2026-03-20 | FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.9.0, a hardcoded default encryption key (default_please_change_this_key) is… |
CVE-2026-33329 | High | 8.1 | 2026-03-24 | FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js… |
CVE-2025-62510 | High | 8.1 | 2025-10-20 | FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression allowed folder visibilit… |
CVE-2025-62509 | High | 8.1 | 2025-10-20 | FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to version 1.4.0, a business logic flaw in FileRi… |
CVE-2026-25231 | High | 7.5 | 2026-02-09 | FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to… |
CVE-2026-44460 | High | 7.4 | 2026-05-27 | FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totp_setup.php is callable from a… |
CVE-2026-33330 | High | 7.1 | 2026-03-24 | FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows… |
CVE-2026-25230 | Medium | 4.6 | 2026-02-09 | FileRise is a self-hosted web file manager / WebDAV server. Prior to 3.3.0, an HTML Injection vulnerability allows an authenticated user to modify the DOM and… |
CVE-2025-66403 | Medium | 4.6 | 2025-12-01 | FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 2.2.3, a stored cross-site scripting (XSS) vul… |
CVE-2026-33477 | Medium | 4.3 | 2026-03-26 | FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endp… |
CVE-2026-33071 | Medium | 4.3 | 2026-03-20 | FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml… |
CVE-2026-33070 | Low | 3.7 | 2026-03-20 | FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint… |