11 matches found
EUVD-2011-5105
Malware in sbrugna...
EUVD-2025-24185
Malicious code in bioql PyPI...
SQL Injection
pyloadng is vulnerable to SQL Injection. The vulnerability is due to improper handling of the addlinks parameter in the /json/addpackage API, which allows an attacker to modify or delete database data leading to errors or loss...
GHSA-PWH4-6R3M-J2RF PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
Summary The parameter addlinks in the API /json/addpackage is vulnerable to SQL Injection. SQL injection vulnerabilities can lead to sensitive data leakage. Details - Affected file:https://github.com/pyload/pyload/blob/develop/src/pyload/core/database/filedatabase.pyL271 - Affected code: python...
PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
Summary The parameter addlinks in the API /json/addpackage is vulnerable to SQL Injection. SQL injection vulnerabilities can lead to sensitive data leakage. Details - Affected file:https://github.com/pyload/pyload/blob/develop/src/pyload/core/database/filedatabase.pyL271 - Affected code: python...
CVE-2025-55156
pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter addlinks in API /json/addpackage is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched ...
CVE-2025-55156 PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter addlinks in API /json/addpackage is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched ...
CVE-2025-55156
PyLoad (the Python-based download manager) contains a SQL Injection in the add_links parameter of the /json/add_package API. The issue allows attackers to modify or delete data in the database, causing data errors or loss. A patch was released in version 0.5.0b3.dev91; upgrading to this version (...
CVE-2025-55156 PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter addlinks in API /json/addpackage is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched ...
CVE-2025-55156 PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter addlinks in API /json/addpackage is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched ...
CVE-2011-5205
Cross-site scripting XSS vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r397, and earlier allows remote attackers to inject arbitrary web script or HTML via the links parameter...