Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pydio pydio vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2020-12851
Pydio Cells 2.0.4 allows an authenticated user to write or overwrite existing files in another user’s personal and cells folders (repositories) by uploading a custom generated ZIP file and leveraging the file extraction feature present in the web application. The extracted ...
Pydio Cells 2.0.4
4.3
CVSSv2
CVE-2020-12853
Pydio Cells 2.0.4 allows XSS. A malicious user can either upload or create a new file that contains potentially malicious HTML and JavaScript code to personal folders or accessible cells.
Pydio Cells 2.0.4
4
CVSSv2
CVE-2021-41323
Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.
Pydio Cells 2.2.9
4
CVSSv2
CVE-2021-41324
Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete).
Pydio Cells 2.2.9
4
CVSSv2
CVE-2021-41325
Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.)
Pydio Cells 2.2.9
NA
CVE-2023-2978
A vulnerability was found in Abstrium Pydio Cells 4.2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Change Subscription Handler. The manipulation leads to authorization bypass. The exploit has been disclosed to the publ...
Abstrium Pydio Cells 4.2.0
NA
CVE-2023-2979
A vulnerability classified as critical has been found in Abstrium Pydio Cells 4.2.0. This affects an unknown part of the component User Creation Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been discl...
Abstrium Pydio Cells 4.2.0
NA
CVE-2023-2980
A vulnerability classified as critical was found in Abstrium Pydio Cells 4.2.0. This vulnerability affects unknown code of the component User Creation Handler. The manipulation leads to improper control of resource identifiers. The attack can be initiated remotely. The exploit ha...
Abstrium Pydio Cells 4.2.0
NA
CVE-2023-2981
A vulnerability, which was classified as problematic, has been found in Abstrium Pydio Cells 4.2.0. This issue affects some unknown processing of the component Chat. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been d...
Abstrium Pydio Cells 4.2.0
8.5
CVSSv2
CVE-2013-6226
Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) prior to 5.0.4 allows remote malicious users to read or delete arbitrary files via unspecified vectors.
Ajaxplorer Ajaxplorer 3.1.1
Ajaxplorer Ajaxplorer 2.5
Ajaxplorer Ajaxplorer 3.3.2
Ajaxplorer Ajaxplorer 3.0.1
Ajaxplorer Ajaxplorer 4.2.3
Ajaxplorer Ajaxplorer 4.0.4
Ajaxplorer Ajaxplorer 3.3.4
Ajaxplorer Ajaxplorer 5.0.1
Ajaxplorer Ajaxplorer 3.0
Ajaxplorer Ajaxplorer 2.7.2
Ajaxplorer Ajaxplorer 3.1
Ajaxplorer Ajaxplorer 3.2.3
Ajaxplorer Ajaxplorer 2.6.0
Ajaxplorer Ajaxplorer 2.5.4
Ajaxplorer Ajaxplorer 4.2.2
Ajaxplorer Ajaxplorer 2.3.3
Ajaxplorer Ajaxplorer 5.0.2
Ajaxplorer Ajaxplorer 3.2.1
Ajaxplorer Ajaxplorer 3.2.5
Ajaxplorer Ajaxplorer
Ajaxplorer Ajaxplorer 4.0.3
Ajaxplorer Ajaxplorer 2.3.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »