6 matches found
CVE-2026-15331
A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...
CVE-2026-15331
The CVE-2026-15331 vulnerability affects zhayujie CowAgent up to 2.1.0. The issue resides in the Skill Installation Handler’s component, specifically the _add_url/_add_package functions in agent/skills/service.py, where manipulation of the Name argument enables path traversal. A remote attack is ...
Directory Traversal
Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Directory Traversal via the addpackage function. An attacker can write files outside the intended download directory by submitting specially crafted folder...
EUVD-2019-17178
Malware in sbrugna...
CVE-2019-7646
CentOS-WebPanel.com aka CWP CentOS Web Panel through 0.9.8.763 is vulnerable to Stored/Persistent XSS for the "Package Name" field via the addpackage module parameter...
CVE-2019-7646
CentOS-WebPanel.com aka CWP CentOS Web Panel through 0.9.8.763 is vulnerable to Stored/Persistent XSS for the "Package Name" field via the addpackage module parameter...