VYPR

WebFileSys

by WebFileSys

CVEs (2)

  • CVE-2026-29971MedApr 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without proper output encoding, allowing arbitrary JavaScript execution in the victim's…

  • CVE-2024-53586MedFeb 6, 2025
    risk 0.38cvss 5.3epss 0.02

    An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers can manipulate file paths and gain unauthorized access to sensitive files,…