CNNVD-202601-4763 Information

CNNVD ID

CNNVD-202601-4763

Related CVE

CVE-2020-36988

• CNNVD Published: 2026-01-28

Description (Chinese)

PDW-File-Browser是Michal Charemza个人开发者的一个文件浏览器。 PDW-File-Browser 1.3版本存在跨站脚本漏洞，该漏洞源于文件重命名和路径参数存在存储型和反射型跨站脚本，可能导致执行任意JavaScript。

Description (English)

PDW-File-Browser is a file browser for the personal developer of Michal Charemza. Version 1.3 of PDW-File-Browser has a cross-site script loophole, which stems from the renaming of the file and the existence of storage and reflector-type cross-site scripts, which may result in the execution of any JavaScript.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2026-01-28

Last Modified

2026-02-24

References

https://github.com/GuidoNeele/PDW-File-Browser https://www.exploit-db.com/exploits/48947 https://www.vulncheck.com/advisories/pdw-file-browser-cross-site-scripting-xss