Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Jirafeau project — Vulnerabilities & Security Advisories 3

Browse all 3 CVE security advisories affecting Jirafeau project. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jirafeau is a lightweight PHP-based file upload service designed for simple file sharing without requiring a database. Historically, the project has been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS) vulnerabilities, and privilege escalation issues due to insufficient input validation and insecure file handling. Notable security characteristics include its minimal architecture, which while reducing complexity, has consistently exposed attack vectors through improper sanitization of user-supplied data. The project's three recorded CVEs highlight persistent security challenges, particularly in how file permissions and access controls are implemented, making it essential for users to maintain current versions and implement additional security layers.

Top products by Jirafeau project: Jirafeau
CVE IDTitleCVSSSeverityPublished
CVE-2026-1466 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau — JirafeauCWE-79 6.1 Medium2026-01-28
CVE-2025-7066 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau — JirafeauCWE-79 6.1 Medium2025-07-04
CVE-2024-12326 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau — JirafeauCWE-79 6.1 Medium2024-12-06

This page lists every published CVE security advisory associated with Jirafeau project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.