5 matches found
CVE-2025-64178
Jellysweep is a cleanup tool for the Jellyfin media server. In versions 0.12.1 and below, /api/images/cache, used to download media posters from the server, accepted a URL parameter that was directly passed to the cache package, which downloaded the poster from this URL. This URL parameter can be...
EUVD-2025-37862
Jellysweep is a cleanup tool for the Jellyfin media server. In versions 0.12.1 and below, /api/images/cache, used to download media posters from the server, accepted a URL parameter that was directly passed to the cache package, which downloaded the poster from this URL. This URL parameter can be...
Jellysweep 代码问题漏洞
Jellysweep is a smart cleanup tool for media servers by Jonah Personal Developer. A code issue vulnerability exists in Jellysweep 0.12.1 and prior versions, which stems from an unvalidated URL parameter in the /api/images/cache endpoint that could result in the download of arbitrary content...
EUVD-2017-6489
Malware in sbrugna...
CVE-2017-15014
OpenText Documentum Content Server formerly EMC Documentum Content Server through 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authenticated user uploads content to the...