Froxlor 跨站脚本漏洞

Froxlor is a lightweight server management software from the Froxlor team. A cross-site scripting vulnerability exists in versions of Froxlor prior to 0.10.39 that stems from command injection...

CVE-2022-3721

CVE-2022-3721 : Froxlor prior to version 0.10.39 contains a reported Code Injection vulnerability. Public sources describe impact as code execution paths arising from injection in Froxlor/froxlor, with remediation advising upgrade to 0.10.39 or later. Administrative impact is consistent with code...

CVE-2022-3721 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39...

CVE-2022-3721 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39...

PT-2022-23878 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: Froxlor versions prior to 0.10.39 Description: The issue concerns a Code Injection problem. It is reported that Froxlor is vulnerable to this issue. Recommendations: For versions prior to 0.10.39, update to version 0.10.39 or later to resolve...

CVE-2022-3721 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39...

Cross-Site Request Forgery (CSRF)

froxlor/froxlor is vulnerable to cross-site request forgery. The vulnerability exists due to the lack of security checks in the deleting api keys in apikeys.php, allowing an attacker to delete the api keys with the specified id by redirecting to the api key deletion endpoint through the GET reque...

Froxlor vulnerable to Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

GHSA-9XGP-3MXP-RV7X Froxlor vulnerable to Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

CVE-2022-3017

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

CVE-2022-3017

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

CVE-2022-3017 Cross-Site Request Forgery (CSRF) in froxlor/froxlor

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

CVE-2022-3017

CVE-2022-3017 describes a Cross‑Site Request Forgery (CSRF) vulnerability in the Froxlor project (froxlor/froxlor) affecting versions prior to 0.10.38. The issue allows unauthorized actions to be performed in the authenticated context of Froxlor web applications. The available connected sources c...

CVE-2022-3017 Cross-Site Request Forgery (CSRF) in froxlor/froxlor

Cross-Site Request Forgery CSRF in GitHub repository froxlor/froxlor prior to 0.10.38...

Froxlor 跨站请求伪造漏洞

Froxlor is a lightweight server management software from the Froxlor team. A cross-site request forgery vulnerability exists in Froxlor versions prior to 0.10.38. An attacker could exploit this vulnerability to perform cross-site request forgery attacks...

PT-2022-20019 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 0.10.38 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository froxlor/froxlor. CSRF is an attack that tricks a user into performing unintended actions on a web application that...

Froxlor SQL injection vulnerability

Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name...

GHSA-6FVW-X6GW-4WV8 Froxlor SQL injection vulnerability

Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name...

Froxlor Information Disclosure

An issue was discovered in Froxlor before 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local attackers to cause DoS or disclose information out of the config files, because of createUserdataConf in...