Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

pyload pyload vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2024-32880
pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.
6.1
CVSSv3
CVE-2024-24808
pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login....
Pyload Pyload
8.8
CVSSv3
CVE-2024-22416
pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Reque...
Pyload-ng Project Pyload-ng
8.8
CVSSv3
CVE-2023-47890
pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.
Pyload Pyload 0.5.0
7.5
CVSSv3
CVE-2024-21644
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
Pyload PyloadPyload Pyload 0.5.0
5.3
CVSSv3
CVE-2024-21645
pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in `pyload` allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by `pyload`. Forged or otherwise, corrupted log files can be...
Pyload PyloadPyload Pyload 0.5.0
5.4
CVSSv3
CVE-2023-0488
Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload before 0.5.0b3.dev42.
Pyload PyloadPyload-ng Project Pyload-ng
7.4
CVSSv3
CVE-2023-0509
Improper Certificate Validation in GitHub repository pyload/pyload before 0.5.0b3.dev44.
Pyload-ng Project Pyload-ngPyload Pyload
9.8
CVSSv3
CVE-2023-0435
Excessive Attack Surface in GitHub repository pyload/pyload before 0.5.0b3.dev41.
Pyload Pyload
7.5
CVSSv3
CVE-2023-0434
Improper Input Validation in GitHub repository pyload/pyload before 0.5.0b3.dev40.
Pyload PyloadPyload Pyload 0.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook