Lucene search
K

661 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.1 views

SUSE CVE-2023-0566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in froxlor/froxlor prior to 2.0.10...

6.2CVSS5AI score0.00439EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.3 views

SUSE CVE-2023-0671

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

9.9CVSS9.4AI score0.01119EPSS
Exploits1References3
Veracode
Veracode
added 2023/02/08 8:8 a.m.17 views

Privilege Escalation

froxlor/froxlor is vulnerable to Privilege Escalation. The vulnerability exists due to improper validation of user uploaded files, which allows an attacker to inject and execute malicious code into the system, resulting in privilege escalation...

8.8CVSS8.6AI score0.01119EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2023/02/07 10:31 a.m.15 views

HTML Injection

froxlor/froxlor is vulnerable to HTML Injection. The vulnerability is due to the Interval Time in the Dropdown Menu of the cronjob page, which doesn't validate the input, allowing an attacker to change to time to a stored HTML Injection due to the update function in Cronjobs.php...

6.2CVSS5.6AI score0.00439EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2023/02/07 9:32 a.m.14 views

Weak Password Requirements

froxlor/froxlor is vulnerable to Weak Password Requirements. The vulnerability exists in add and update functions of DirProtections.php, which allows users to create weak passwords resulting in account takeovers via bruteforce attacks...

7.5CVSS7.2AI score0.00455EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2023/02/06 5:40 a.m.21 views

Information Disclosure

froxlor/froxlor is vulnerable to Information Disclosure. A remote attacker is able to gain access to unauthorized user data via a failed prepared SQL query due to an unchecked error condition, resulting in the disclosure of sensitive information...

5.3CVSS5.9AI score0.00667EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2023/02/06 4:56 a.m.16 views

SQL Injection

froxlor/froxlor is vulnerable to SQL Injection. The vulnerability exists in the Database parameter in errorreport.php due to improperly validated parameters, allowing a remote attacker to inject arbitrary SQL commands...

5.3CVSS7.4AI score0.00667EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/02/04 3:30 a.m.26 views

froxlor is vulnerable to privilege escalation from customer to root via directory-options

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

9.9CVSS8.9AI score0.01119EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/02/04 3:30 a.m.12 views

GHSA-9FQC-9CPR-W73Q froxlor is vulnerable to privilege escalation from customer to root via directory-options

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

8.8CVSS8.9AI score0.01119EPSS
Exploits1References4
NVD
NVD
added 2023/02/04 1:15 a.m.26 views

CVE-2023-0671

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

9.9CVSS9.3AI score0.01119EPSS
Exploits1References2
Prion
Prion
added 2023/02/04 1:15 a.m.45 views

Code injection

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

6.5CVSS9AI score0.01119EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/04 12:0 a.m.3 views

PT-2023-16442 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.10 Description: The issue concerns code injection in the GitHub repository froxlor/froxlor. Recommendations: For versions prior to 2.0.10, update to version 2.0.10 or later to resolve the issue...

9.9CVSS9.4AI score0.01119EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/02/04 12:0 a.m.9 views

Froxlor 代码注入漏洞

Froxlor is a lightweight server management software from the Froxlor team. A code injection vulnerability exists in Froxlor versions prior to 2.0.10, which can be exploited by an attacker to gain root privileges...

9.9CVSS8.4AI score0.01119EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/02/04 12:0 a.m.29 views

CVE-2023-0671 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

9.9CVSS9.2AI score0.01119EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/02/04 12:0 a.m.5 views

CVE-2023-0671 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

9.9CVSS7.7AI score0.01119EPSS
Exploits1References2
CVE
CVE
added 2023/02/04 12:0 a.m.58 views

CVE-2023-0671

Froxlor vulnerability CVE-2023-0671 affects froxlor/froxlor prior to version 2.0.10. Root cause is code injection in the project, with potential privilege escalation to root (as indicated by related advisories). The fix is to update to version 2.0.10 or later. Exploitation details are not provide...

9.9CVSS8.9AI score0.01119EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/02/04 12:0 a.m.14 views

CVE-2023-0671 Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

9.9CVSS9.3AI score0.01119EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/01/30 12:30 a.m.24 views

Froxlor contains Static Code Injection

Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

6.2CVSS6AI score0.00439EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/01/30 12:30 a.m.25 views

Froxlor contains Business Logic Errors

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10...

5.5CVSS5.5AI score0.00562EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/01/30 12:30 a.m.16 views

GHSA-W7W4-QJGG-372X Froxlor contains Static Code Injection

Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...

4.8CVSS5.8AI score0.00439EPSS
Exploits1References4
Rows per page
Query Builder