661 matches found
SUSE CVE-2023-0566
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in froxlor/froxlor prior to 2.0.10...
SUSE CVE-2023-0671
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
Privilege Escalation
froxlor/froxlor is vulnerable to Privilege Escalation. The vulnerability exists due to improper validation of user uploaded files, which allows an attacker to inject and execute malicious code into the system, resulting in privilege escalation...
HTML Injection
froxlor/froxlor is vulnerable to HTML Injection. The vulnerability is due to the Interval Time in the Dropdown Menu of the cronjob page, which doesn't validate the input, allowing an attacker to change to time to a stored HTML Injection due to the update function in Cronjobs.php...
Weak Password Requirements
froxlor/froxlor is vulnerable to Weak Password Requirements. The vulnerability exists in add and update functions of DirProtections.php, which allows users to create weak passwords resulting in account takeovers via bruteforce attacks...
Information Disclosure
froxlor/froxlor is vulnerable to Information Disclosure. A remote attacker is able to gain access to unauthorized user data via a failed prepared SQL query due to an unchecked error condition, resulting in the disclosure of sensitive information...
SQL Injection
froxlor/froxlor is vulnerable to SQL Injection. The vulnerability exists in the Database parameter in errorreport.php due to improperly validated parameters, allowing a remote attacker to inject arbitrary SQL commands...
froxlor is vulnerable to privilege escalation from customer to root via directory-options
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
GHSA-9FQC-9CPR-W73Q froxlor is vulnerable to privilege escalation from customer to root via directory-options
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
CVE-2023-0671
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
Code injection
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
PT-2023-16442 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.10 Description: The issue concerns code injection in the GitHub repository froxlor/froxlor. Recommendations: For versions prior to 2.0.10, update to version 2.0.10 or later to resolve the issue...
Froxlor 代码注入漏洞
Froxlor is a lightweight server management software from the Froxlor team. A code injection vulnerability exists in Froxlor versions prior to 2.0.10, which can be exploited by an attacker to gain root privileges...
CVE-2023-0671 Code Injection in froxlor/froxlor
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
CVE-2023-0671 Code Injection in froxlor/froxlor
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
CVE-2023-0671
Froxlor vulnerability CVE-2023-0671 affects froxlor/froxlor prior to version 2.0.10. Root cause is code injection in the project, with potential privilege escalation to root (as indicated by related advisories). The fix is to update to version 2.0.10 or later. Exploitation details are not provide...
CVE-2023-0671 Code Injection in froxlor/froxlor
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
Froxlor contains Static Code Injection
Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
Froxlor contains Business Logic Errors
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10...
GHSA-W7W4-QJGG-372X Froxlor contains Static Code Injection
Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...