pyLoad < 0.5.0b3.dev76 Improper Access Control

pyLoad version prior to 0.5.0b3.dev76 is affected by an Improper Access Control vulnerability. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRETKEY variable. An attacker can leverage this vulnerability to perform further attacks against the...

CVE-2024-21644

pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRETKEY variable. This issue has been patched in version 0.5.0b3.dev77...

CVE-2024-21644

pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRETKEY variable. This issue has been patched in version 0.5.0b3.dev77...

Design/Logic Flaw

pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRETKEY variable. This issue has been patched in version 0.5.0b3.dev77...

CVE-2024-21644 pyLoad unauthenticated flask configuration leakage

pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRETKEY variable. This issue has been patched in version 0.5.0b3.dev77...