Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pyload pyload vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32880
pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.
6.1
CVSSv3
CVE-2024-24808
pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login....
Pyload Pyload
8.8
CVSSv3
CVE-2024-22416
pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Reque...
Pyload-ng Project Pyload-ng
1 Github repository
8.8
CVSSv3
CVE-2023-47890
pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.
Pyload Pyload 0.5.0
7.5
CVSSv3
CVE-2024-21644
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
Pyload Pyload
Pyload Pyload 0.5.0
1 Github repository
5.3
CVSSv3
CVE-2024-21645
pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in `pyload` allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by `pyload`. Forged or otherwise, corrupted log files can be...
Pyload Pyload
Pyload Pyload 0.5.0
5.4
CVSSv3
CVE-2023-0488
Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload before 0.5.0b3.dev42.
Pyload Pyload
Pyload-ng Project Pyload-ng
7.4
CVSSv3
CVE-2023-0509
Improper Certificate Validation in GitHub repository pyload/pyload before 0.5.0b3.dev44.
Pyload-ng Project Pyload-ng
Pyload Pyload
9.8
CVSSv3
CVE-2023-0435
Excessive Attack Surface in GitHub repository pyload/pyload before 0.5.0b3.dev41.
Pyload Pyload
7.5
CVSSv3
CVE-2023-0434
Improper Input Validation in GitHub repository pyload/pyload before 0.5.0b3.dev40.
Pyload Pyload
Pyload Pyload 0.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »