Lucene search
K

6 matches found

Snyk
Snyk
added 2026/06/16 8:59 p.m.9 views

Improper Restriction of Names for Files and Other Resources

Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Improper Restriction of Names for Files and Other Resources via insufficient sanitization of file extensions during the file download. An attacker can cause arbitrary...

9.6CVSS6.4AI score0.00555EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-24546

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.00966EPSS
Exploits0References2
CVE
CVE
added 2024/08/20 3:21 a.m.110 views

CVE-2022-1206

CVE-2022-1206 concerns the WordPress plugin AdRotate Banner Manager. The vulnerability is an arbitrary file upload caused by missing file extension sanitization in the adrotate_insert_media() function, affecting all versions up to and including 5.13.2. It requires authenticated access at administ...

7.2CVSS7.3AI score0.00966EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/02 1:47 p.m.47 views

CVE-2024-38519 yt-dlp and youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization

yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...

7.8CVSS0.00322EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/02 1:47 p.m.23 views

CVE-2024-38519 yt-dlp and youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization

yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to the fixed versions, yt-dlp and youtube-dl do not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp and youtube-...

7.8CVSS7.6AI score0.00322EPSS
Exploits0References8
exploitpack
exploitpack
added 2014/02/05 12:0 a.m.15 views

WordPress Theme Kiddo - Arbitrary File Upload

WordPress Theme Kiddo - Arbitrary File Upload source: https://www.securityfocus.com/bid/65460/info The Kiddo theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to sufficiently sanitize file extensions. An...

Exploits0
Rows per page
Query Builder