23 matches found
pyLoad allows upload to arbitrary folder lead to RCE
SummaryAn authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Detailsexample version: 0.5file:src/pyload/webui/app/blueprints/[email protected]"/render/", endpoint="render"def renderfilename: mimetype =...
PYSEC-2026-492 pyLoad allows upload to arbitrary folder lead to RCE
Summary An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Details example version: 0.5 file:src/pyload/webui/app/blueprints/appblueprint.py python @bp.route"/render/", endpoint="render" def renderfilename:...
CVE-2026-11416
MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concatenating the configured download directory with a filename taken directly from remote cloud API metadata without basename...
PyLoad vulnerable to Path Traversal via Package Folder Name in set_package_data
Summary No sanitization of package folder name allows writing files anywhere outside the intended download directory. Affected Component - src/pyload/core/api/init.py - Function: setpackagedata Details When passing a folder name in the setpackagedata API function call inside the data object with...
CVE-2026-26228 VLC for Android < 3.7.0 Remote Access Path Traversal
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalizatio...
Linux Distros Unpatched Vulnerability : CVE-2021-29488
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded...
GHSA-W7HQ-F2PJ-C53G pyLoad vulnerable to remote code execution by download to /.pyload/scripts using /flashgot API
Summary The folder /.pyload/scripts has scripts which are run when certain actions are completed, for e.g. a download is finished. By downloading a executable file to a folder in /scripts and performing the respective action, remote code execution can be achieved. A file can be downloaded to such...
CVE-2024-46649
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder...
CVE-2024-46649
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder...
PT-2024-32094 · Enms · Enms
Name of the Vulnerable Software and Affected Versions: eNMS versions up to 4.7.1 Description: The issue is a Directory Traversal vulnerability, which occurs via the download/folder path. Recommendations: For versions up to 4.7.1, consider restricting access to the download/folder path as a...
eNMS 安全漏洞
eNMS is a network automation platform from eNMS Open Source. A security vulnerability exists in eNMS 4.7.1 and earlier versions, which stems from vulnerability to directory traversal attacks via download/folder...
CVE-2024-38519 yt-dlp and youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization
yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...
CVE-2024-32880
CVE-2024-32880 affects pyload, an open-source Python download manager. Multiple sources confirm an authenticated user can change the download folder and upload a crafted template to that folder, triggering remote code execution (RCE). No fix was available at publication; PoCs describe leveraging ...
CVE-2024-32880 pyLoad allows upload to arbitrary folder lead to RCE
pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication...
pyload 安全漏洞
pyload is a free and open source download manager written in Python, designed to be extremely lightweight, easily extensible and fully manageable over the Web. pyload has a security vulnerability. An authenticated user could change the download folder and upload carefully crafted templates to a...
GHSA-3F7W-P8VR-4V5F pyLoad allows upload to arbitrary folder lead to RCE
Summary An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Details example version: 0.5 file:src/pyload/webui/app/blueprints/appblueprint.py python @bp.route"/render/", endpoint="render" def renderfilename:...
DEBIAN-CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround,...
CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround,...
CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround,...
SABnzbd 安全漏洞
sabnzbd is a software application. An open source binary news reader written in Python. SABnzbd 3.2.1RC1 suffers from a security vulnerability that stems from the ability to spoof the filessystem .renamer function to write downloaded files outside of the configured download folder via a malicious...