Lucene search
K

6 matches found

CNNVD
CNNVD
added 2026/05/07 12:0 a.m.13 views

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.8.1 contained code vulnerabilities. These vulnerabilities stemmed from the SSRF protection mechanism not preventing the CGNAT address range, which could allow authenticated users to...

4.3CVSS5.9AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.7 views

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.7.2 had code vulnerabilities. These vulnerabilities stemmed from the fact that the password reset token never expired, allowing attackers to use it at any time after intercepting the...

7.1CVSS5.9AI score0.00264EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.9 views

Wallos 跨站脚本漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.6.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the $GET parameter was directly output as an HTML input value attribute without being...

6.9CVSS5.6AI score0.00283EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.11 views

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.6.2 had code-related vulnerabilities, which stemmed from server-side request forgeing in the notification tester...

8.8CVSS7.3AI score0.00497EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.8 views

Wallos 安全漏洞

Wallos is an open source personal subscription tracker by the individual developer Miguel Ribeiro. A security vulnerability exists in Wallos 2.38.2 and earlier versions, which stems from a recovery database feature that allows unauthenticated users to upload malicious files, potentially leading t...

9.8CVSS6.9AI score0.00554EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/04/30 12:0 a.m.8 views

Wallos SQL注入漏洞

Wallos is an open source personal subscription tracker by the individual developer Miguel Ribeiro. A SQL injection vulnerability exists in Wallos versions prior to 1.15.3, which originates from an easy SQL injection via the category and payment parameters of /subscriptions/get.php...

8.1CVSS7.9AI score0.00673EPSS
Exploits1References4
Rows per page
Query Builder