661 matches found
CVE-2023-0316
Path Traversal: '..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0...
CVE-2023-0315
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...
Command injection
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...
Path traversal
Path Traversal: '..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0...
CVE-2023-0315 Command Injection in froxlor/froxlor
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...
CVE-2023-0316 Path Traversal: '\..\filename' in froxlor/froxlor
Path Traversal: '..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0...
PT-2023-16170 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.8 Description: The issue is related to Command Injection in the GitHub repository froxlor/froxlor. There is no information provided about the estimated number of potentially affected devices worldwide or details...
CVE-2023-0316
Froxlor path traversal CVE-2023-0316 affects Froxlor prior to 2.0.0, where a crafted '..\filename' payload enables reading local files due to improper filename handling. Exploitation details are present in connected sources (e.g., PoC demonstrates local file leak via import/export settings). Impa...
CVE-2023-0315 Command Injection in froxlor/froxlor
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...
PT-2023-16171 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.0 Description: The issue is related to Path Traversal, where the sequence '..filename' can be used to access files outside the intended directory. This affects the GitHub repository froxlor/froxlor...
Froxlor 安全漏洞
Froxlor is a lightweight server management software from the Froxlor team. A security vulnerability exists in Froxlor versions prior to 2.0.0 that stems from the presence of a path traversal...
CVE-2023-0315
CVE-2023-0315 affects Froxlor, with command injection leading to possible remote code execution on Froxlor versions prior to 2.0.8. Public records and adjacent documents confirm existence of an RCE path in 2.0.3/2.0.6–2.0.7 via a vulnerability exploited by an attacker after authentication (e.g., ...
Froxlor 命令注入漏洞
Froxlor is a lightweight server management software from the Froxlor team. A command injection vulnerability exists in Froxlor versions prior to 2.0.8, which stems from the presence of command injection...
CVE-2023-0316 Path Traversal: '\..\filename' in froxlor/froxlor
Path Traversal: '..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0...
CVE-2023-0315 Command Injection in froxlor/froxlor
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...
Froxlor 2.0.6 Remote Command Execution via Arbitrary File Write and Server Side Template Injection
Description Froxlor 2.0.6 Stable is suffering from Remote Command Execution that was achieved by chaining two bugs, the first one is an arbitrary file write on the logging feature, which allows an authenticated attacker to point the log file to any writable path even if it was the web server...
Argument Injection
froxlor/froxlor is vulnerable to argument injection. The vulnerability exists in the multiple functions in the library, allowing an attacker to inject and execute malicious HTML through the theme parameter...
Cross-Site Request Forgery (CSRF)
froxlor/froxlor is vulnerable to cross-site request forgery. The vulnerability exists in the adminapcuinfo.php and adminopcacheinfo.php, allowing an attacker to trick the admin or reseller user to reset the OPCache just by sending the malicious link when the changeserversettings is set to 1...
Froxlor Improper Authorization vulnerability
Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1...
GHSA-W6QF-J4QR-F946 Froxlor Improper Authorization vulnerability
Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1...