目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

error311 厂商漏洞列表 / CVE 中文分析 14

error311 厂商相关 14 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

该厂商专注于开发企业级安全审计工具,主要用于检测和修复软件漏洞。历史上常见漏洞类型包括远程代码执行、跨站脚本请求伪造和权限绕过,这些漏洞多因输入验证不足和配置错误导致。2022年曾曝出严重身份认证绕过漏洞,影响多个企业客户。其工具集具备自动化漏洞扫描和修复建议功能,但部分用户反馈存在误报率较高的问题。

14 件の結果 / 14フィルターをクリア
上位製品 error311: FileRise
CVE IDタイトルCVSS深刻度公開日
CVE-2026-54414 FileRise shared-folder upload path traversal allows arbitrary file write and admin takeover — FileRiseCWE-22 9.8 Critical2026-06-19
CVE-2026-44460 FileRise: TOTP Bypass via Setup Endpoint Disclosing Existing Secret — FileRiseCWE-200 7.4 High2026-05-27
CVE-2026-33477 FileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file content — FileRiseCWE-863 4.3 Medium2026-03-26
CVE-2026-33330 FileRise ONLYOFFICE integration allows read-only users to overwrite files via forged save callback — FileRiseCWE-863 7.1 High2026-03-24
CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle — FileRiseCWE-22 8.1 High2026-03-24
CVE-2026-33072 FileRise: Default Encryption Key Enables Token Forgery and Config Decryption — FileRiseCWE-798 8.2 High2026-03-20
CVE-2026-33071 FileRise: WebDAV upload path bypasses filename validation enforced by regular uploads — FileRiseCWE-434 4.3 Medium2026-03-20
CVE-2026-33070 FileRise has Unauthenticated Share Link Deletion — FileRiseCWE-306 3.7 Low2026-03-20
CVE-2026-25231 FileRise affected by an Unauthenticated File Read Due to Insufficient Access Control — FileRiseCWE-284 7.5 High2026-02-09
CVE-2026-25230 FileRise affected by HTML Injection using color property in file tags — FileRiseCWE-79 4.6 Medium2026-02-09
CVE-2025-68116 FileRise vulnerable to Cross-Site Scripting (XSS) in SVG File Handling — FileRiseCWE-79 8.9 High2025-12-16
CVE-2025-66403 FileRise Vulnerable to Stored XSS via SVG Upload — FileRiseCWE-79 4.6 Medium2025-12-01
CVE-2025-62510 FileRise insecure folder visibility via name-based mapping and incomplete ACL checks — FileRiseCWE-280 8.1 High2025-10-20
CVE-2025-62509 FileRise improper ownership/permission validation allowed cross-tenant file operations — FileRiseCWE-280 8.1 High2025-10-20

本页汇总了 error311 厂商截至目前公开的全部 14 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。