18 matches found
EUVD-2024-52011
Malicious code in bioql PyPI...
EUVD-2023-27005
Malicious code in bioql PyPI...
CVE-2024-53617
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload...
CVE-2023-22903
api/views/user.py in LibrePhotos before e19e539 has incorrect access control...
CVE-2024-53617
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload...
CVE-2024-53617
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload...
CVE-2024-53617
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload...
CVE-2024-53617
CVE-2024-53617 is a cross-site scripting vulnerability in LibrePhotos prior to commit 32237. An attacker can take over an account by uploading an HTML file on behalf of the admin user, leveraging an IDOR flaw in the file upload mechanism. The public description and related sources consistently ci...
LibrePhotos 安全漏洞
LibrePhotos is a self-hosted open source photo management service open-sourced by LibrePhotos. LibrePhotos suffers from a security vulnerability that stems from susceptibility to a cross-site scripting attack, where an attacker can take over any account by uploading an HTML file on behalf of an...
CVE-2024-53617
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload...
CVE-2023-22903
api/views/user.py in LibrePhotos before e19e539 has incorrect access control...
CVE-2023-22903
api/views/user.py in LibrePhotos before e19e539 has incorrect access control...
Improper access control
api/views/user.py in LibrePhotos before e19e539 has incorrect access control...
LibrePhotos 安全漏洞
LibrePhotos is a self-hosted open source photo management service open-sourced by LibrePhotos. A security vulnerability exists in versions prior to LibrePhotos e19e539, which stems from api/views/user.py having incorrect access control...
CVE-2023-22903
CVE-2023-22903 affects LibrePhotos; the issue is in api/views/user.py with incorrect access control prior to the commit e19e539. CVSS v3.1 shows a CRITICAL score (9.8) with NETWORK attack vector, LOW exploitability, no privileges required, and impacts to confidentiality, integrity, and availabili...
CVE-2023-22903
api/views/user.py in LibrePhotos before e19e539 has incorrect access control...
CVE-2023-22903
api/views/user.py in LibrePhotos before e19e539 has incorrect access control...
PT-2023-18766 · Unknown · Librephotos
Name of the Vulnerable Software and Affected Versions: LibrePhotos versions prior to e19e539 Description: The issue is related to incorrect access control in the api/views/user.py file. This could potentially allow unauthorized access to certain features or data. Recommendations: For versions pri...