
661 matches found

Positive Technologies
added 2023/08/17 12:0 a.m. | 2 views

PT-2023-26703 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: Froxlor version 2.0.21 Description: Our research team found a zero-day issue in Froxlor. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was...

6.7 AI score
Exploits 0 | References 3
Veracode
added 2023/08/14 5:51 p.m. | 20 views

Business Logic Errors

froxlor/froxlor is vulnerable to Business Logic Errors. The vulnerability exists in the update function of Admins.php because the admin name is not properly validated for spaces, which allows an attacker to save a user name with just spaces/...

3.8 CVSS | 6.7 AI score | 0.00477 EPSS
Exploits 1 | References 4 | Affected Software 1
SUSE CVE
added 2023/08/12 2:11 a.m. | 2 views

SUSE CVE-2023-4304

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0...

3.8 CVSS | 6.8 AI score | 0.00477 EPSS
Exploits 1 | References 3
OSV
added 2023/08/11 3:30 a.m. | 12 views

GHSA-9RMF-6QGJ-G3WJ Froxlor vulnerable to business logic errors

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22...

3.8 CVSS | 4 AI score | 0.00477 EPSS
Exploits 1 | References 4
GitHub Security Blog
added 2023/08/11 3:30 a.m. | 30 views

Froxlor vulnerable to business logic errors

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22...

3.8 CVSS | 7 AI score | 0.00477 EPSS
Exploits 1 | References 4 | Affected Software 1
NVD
added 2023/08/11 1:15 a.m. | 29 views

CVE-2023-4304

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0...

3.8 CVSS | 4.5 AI score | 0.00477 EPSS
Exploits 1 | References 2
Prion
added 2023/08/11 1:15 a.m. | 11 views

Code injection

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0...

3.3 CVSS | 3.7 AI score | 0.00477 EPSS
Exploits 1 | References 2 | Affected Software 1
CVE
added 2023/08/11 12:0 a.m. | 42 views

CVE-2023-4304

CVE-2023-4304 concerns Froxlor (froxlor/froxlor) with business logic errors in versions prior to 2.0.22 and 2.1.0. Connected documents identify the affected software as Froxlor and describe the issue as a logic/design flaw in the application rather than a low-level vulnerability in a library. Mit...

3.8 CVSS | 4.2 AI score | 0.00477 EPSS
Exploits 1 | References 2 | Affected Software 1
OSV
added 2023/08/11 12:0 a.m. | 23 views

CVE-2023-4304 Business Logic Errors in froxlor/froxlor

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0...

3.8 CVSS | 4.4 AI score | 0.00477 EPSS
Exploits 1 | References 4
CNNVD
added 2023/08/11 12:0 a.m. | 4 views

Froxlor Security Vulnerability

Froxlor is a lightweight server management software from the Froxlor team. A security vulnerability exists in Froxlor that stems from the presence of a business logic error...

3.8 CVSS | 6.8 AI score | 0.00477 EPSS
Exploits 1 | References 4
Positive Technologies
added 2023/08/11 12:0 a.m. | 2 views

PT-2023-28670 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.22 froxlor version 2.1.0 Description: The issue concerns Business Logic Errors in the GitHub repository froxlor/froxlor. Recommendations: For versions prior to 2.0.22, update to version 2.0.22 or later. For versi...

3.8 CVSS | 4 AI score | 0.00477 EPSS
Exploits 1 | References 7
CNVD
added 2023/07/18 12:0 a.m. | 21 views

Froxlor Command Execution Vulnerability

Froxlor is a set of lightweight server management software from the Froxlor team. A command execution vulnerability exists in versions prior to froxlor 2.0.21 that stems from an output encoding or escaping error. An attacker can exploit the vulnerability to cause command execution...

9.1 CVSS | 6.8 AI score | 0.00835 EPSS
Exploits 1 | References 1
Veracode
added 2023/07/17 7:52 a.m. | 15 views

Remote Code Execution

Froxlor is vulnerable to Remote Code Execution. The vulnerability is due to not sanitizing or escaping the export configuration values/output. This allows an attacker to include PHP code inside the export configuration .json, leading to RCE when the same configuration is executed when accessed by a...

7.2 CVSS | 7.4 AI score | 0.00835 EPSS
Exploits 1 | References 3 | Affected Software 1
OSV
added 2023/07/14 3:32 a.m. | 12 views

GHSA-C6V5-PF66-XFQ8 Froxlor vulnerable to Improper Encoding or Escaping of Output

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1 CVSS | 7.1 AI score | 0.00835 EPSS
Exploits 1 | References 4
GitHub Security Blog
added 2023/07/14 3:32 a.m. | 21 views

Froxlor vulnerable to Improper Encoding or Escaping of Output

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1 CVSS | 7 AI score | 0.00835 EPSS
Exploits 1 | References 4 | Affected Software 1
NVD
added 2023/07/14 1:15 a.m. | 39 views

CVE-2023-3668

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1 CVSS | 0.00835 EPSS
Exploits 1 | References 2
Prion
added 2023/07/14 1:15 a.m. | 12 views

Input validation

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

5.8 CVSS | 7 AI score | 0.00835 EPSS
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2023/07/14 12:0 a.m. | 38 views

CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1 CVSS | 7.2 AI score | 0.00835 EPSS
Exploits 1 | References 2
OSV
added 2023/07/14 12:0 a.m. | 29 views

CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1 CVSS | 8.2 AI score | 0.00835 EPSS
Exploits 1 | References 4
CVE
added 2023/07/14 12:0 a.m. | 48 views

CVE-2023-3668

CVE-2023-3668 affects Froxlor (froxlor/froxlor) prior to version 2.0.21. The root cause is an improper encoding or escaping of output in the repository, which enables a command-execution vulnerability. Multiple sources confirm the impact as command execution in versions before 2.0.21. Remediation...

9.1 CVSS | 7.1 AI score | 0.00835 EPSS
Exploits 1 | References 2 | Affected Software 1