VYPR
Vendor

FileCodeBox

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2024-34525MedMay 6, 2024
    risk 0.34cvss 5.3epss 0.00

    FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file.

  • CVE-2025-51663Nov 19, 2025
    risk 0.00cvss epss 0.00

    A vulnerability found in IPRateLimit implementation of FileCodeBox up to 2.2 allows remote attackers to bypass ip-based rate limit protection and failed attempt restrictions by faking X-Real-IP and X-Forwarded-For HTTP headers. This can enable attackers to perform DoS attacks or…

  • CVE-2025-51662Nov 19, 2025
    risk 0.00cvss epss 0.00

    A stored cross-site scripting (XSS) vulnerability is found in the text sharing feature of FileCodeBox version 2.2 and earlier. Insufficient input validation allows attackers to inject arbitrary JavaScript code into shared text "codeboxes". The xss payload is automatically…

  • CVE-2025-51661Nov 19, 2025
    risk 0.00cvss epss 0.00

    A path Traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when application is configured to use local filesystem storage. SystemFileStorage.save_file method in core/storage.py uses filenames from user input without validation to construct…