Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

error311 — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting error311. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by error311:FileRise
CVE IDTitleCVSSSeverityPublished
CVE-2026-33477 FileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file content — FileRiseCWE-863 4.3 Medium2026-03-26
CVE-2026-33330 FileRise ONLYOFFICE integration allows read-only users to overwrite files via forged save callback — FileRiseCWE-863 7.1 High2026-03-24
CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle — FileRiseCWE-22 8.1 High2026-03-24
CVE-2026-33072 FileRise: Default Encryption Key Enables Token Forgery and Config Decryption — FileRiseCWE-798 8.2 High2026-03-20
CVE-2026-33071 FileRise: WebDAV upload path bypasses filename validation enforced by regular uploads — FileRiseCWE-434 4.3 Medium2026-03-20
CVE-2026-33070 FileRise has Unauthenticated Share Link Deletion — FileRiseCWE-306 3.7 Low2026-03-20
CVE-2026-25231 FileRise affected by an Unauthenticated File Read Due to Insufficient Access Control — FileRiseCWE-284 7.5 High2026-02-09
CVE-2026-25230 FileRise affected by HTML Injection using color property in file tags — FileRiseCWE-79 4.6 Medium2026-02-09
CVE-2025-68116 FileRise vulnerable to Cross-Site Scripting (XSS) in SVG File Handling — FileRiseCWE-79 8.9 High2025-12-16
CVE-2025-66403 FileRise Vulnerable to Stored XSS via SVG Upload — FileRiseCWE-79 4.6 Medium2025-12-01
CVE-2025-62510 FileRise insecure folder visibility via name-based mapping and incomplete ACL checks — FileRiseCWE-280 8.1 High2025-10-20
CVE-2025-62509 FileRise improper ownership/permission validation allowed cross-tenant file operations — FileRiseCWE-280 8.1 High2025-10-20

This page lists every published CVE security advisory associated with error311. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.