Liquidfiles
Sign in to watchby Liquidjs
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-46094 | 0.00 | — | 0.00 | Aug 4, 2025 | LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript. | ||
| CVE-2025-46093 | 0.00 | — | 0.00 | Aug 4, 2025 | LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration. | ||
| CVE-2023-4393 | 0.00 | — | 0.00 | Oct 29, 2023 | HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker to perform more advanced phishing attacks against an organization. |