530 matches found
CVE-2023-0435 Excessive Attack Surface in pyload/pyload
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...
CVE-2023-0435 Excessive Attack Surface in pyload/pyload
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...
pyload 输入验证错误漏洞
pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the web. An input validation error vulnerability exists in pyload versions prior to 0.5.0b3.dev40, which stems from improper input validation...
CVE-2023-0434
CVE-2023-0434 affects the Python-based download manager project pyload/pyload . The issue is described as an improper input validation vulnerability in versions prior to 0.5.0b3.dev40 . Affected component is the core input handling of pyload/pyload, with the underlying root cause being insufficie...
PT-2023-16266 · Pyload · Pyload
Name of the Vulnerable Software and Affected Versions: pyload/pyload versions prior to 0.5.0b3.dev40 Description: The issue is related to improper input validation. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
CVE-2023-0435 Excessive Attack Surface in pyload/pyload
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...
CVE-2023-0434 Improper Input Validation in pyload/pyload
Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40...
PT-2023-8517 · Pyload · Pyload
Name of the Vulnerable Software and Affected Versions: pyLoad versions prior to 0.5.0b3.dev78 Description: The issue is related to a Cross-Site Request Forgery CSRF attack. Since the session cookie is not set to SameSite: strict, this opens the library up to severe attack possibilities. Any API...
Code Injection in pyload-ng
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
GHSA-PF38-5P22-X6H6 Code Injection in pyload-ng
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
CVE-2023-0297
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
Code injection
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
CVE-2023-0297 Code Injection in pyload/pyload
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
pyload 代码注入漏洞
pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the Web. A code injection vulnerability exists in pyload/pyload 0.5.0b3.dev31 and prior versions, which stems from an attacker being able to...
CVE-2023-0297 Code Injection in pyload/pyload
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
CVE-2023-0297 Code Injection in pyload/pyload
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...
PT-2023-16152 · Pypi +1 · Js2Py +1
Name of the Vulnerable Software and Affected Versions: pyload/pyload versions prior to 0.5.0b3.dev31 Description: The issue concerns a code injection vulnerability in the pyload/pyload GitHub repository. It allows for pre-authentication remote code execution RCE due to the integration of JavaScri...
CVE-2023-0297
PyLoad 0.5.0 pre-auth RCE (CVE-2023-0297) via code injection in js2py exposed by the flash/addcrypted2 endpoint. Exploitation is unauthenticated and can be triggered by sending crafted requests to /flash/addcrypted2, enabling remote code execution on affected systems. Multiple connected sources c...
GHSA-RV9X-WMW4-44QJ Pyload Insufficient Session Expiration vulnerability
Pyload 0.5.0b3.dev35 has an Insufficient Session Expiration vulnerability. A patch is available and anticipated to be part of version 0.5.0b3.dev36...
Pyload Insufficient Session Expiration vulnerability
Pyload 0.5.0b3.dev35 has an Insufficient Session Expiration vulnerability. A patch is available and anticipated to be part of version 0.5.0b3.dev36...