544 matches found
Open redirect
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43009
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43010
Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43005
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5...
Design/Logic Flaw
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43008
Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43006
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43007
Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43009
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5...
PYSEC-2022-43005
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5...
Cross Site Request Forgery (CSRF)
rdiffweb is vulnerable to cross site request forgery. The vulnerability exists in run function of authform.py due to lack of validation of session management which allows an attacker to gain access to sensitive information in the system...
Open Redirect
rdiffweb is vulnerable to open redirect. The vulnerability exists in rdwapp.py due to improper validation of the header value which allows an attacker to redirect the user to supply invalid input...
Rdiffweb 访问控制错误漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. An Access Control Error vulnerability exists in Rdiffweb versions prior to 2.5.5, which stems from improper access control...
Rdiffweb 安全漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.5, which stems from a failure to trigger a notification for sensiti...
Rdiffweb 输入验证错误漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. An input validation error vulnerability exists in Rdiffweb versions prior to 2.5.5, which originates from a hyperlink injection via a...
Rdiffweb 安全漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.5, which stems from a lack of character cleanup in SSH key names...
Rdiffweb 授权问题漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your files through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.5, which stems from an authentication bypass that can be performed via...
Rdiffweb 安全漏洞
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.5.5, which stems from allocating resources without limitation or...
Application allows to add same SSH key among different users
Description With SSH keys, you can connect to Rdiffweb without supplying your username and personal access token at each visit. Rdiffweb allows the same SSH key to be used by multiple users . For Example: User A has used SSH key '1' , the same key can be used by User B , User C . The application ...
CVE-2022-4724 Improper Access Control in ikus060/rdiffweb
Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5...