Lucene search

22 matches found

RedhatCVE
added 2026/01/09 9:33 a.m., 6 views

CVE-2024-39162

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1 CVSS, 6.8 AI score, 0.00403 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 9:33 a.m., 9 views

CVE-2024-39163

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

8.8 CVSS, 7.5 AI score, 0.00223 EPSS
Exploits: 0, References: 1

OSV
added 2024/12/04 6:32 p.m., 8 views

GHSA-PQJ8-XHCX-PRXM pyspider Cross-Site Request Forgery (CSRF) via the Flask endpoints

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

8.8 CVSS, 8.9 AI score, 0.00223 EPSS
Exploits: 0, References: 4

Github Security Blog
added 2024/12/04 6:32 p.m., 15 views

pyspider Cross-Site Request Forgery (CSRF) via the Flask endpoints

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

8.8 CVSS, 7.7 AI score, 0.00223 EPSS
Exploits: 0, References: 4, Affected Software: 1

Snyk
added 2024/12/04 5:41 p.m., 2 views

Cross-site Request Forgery (CSRF)

Overview: pyspider is an A Powerful Spider System in Python. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the Flask endpoints. An attacker can manipulate the state of the application. Remediation: There is no fixed version for pyspider. References: -...

8.8 CVSS, 7 AI score, 0.00223 EPSS
Exploits: 0, References: 2

OSV
added 2024/12/04 5:15 p.m., 1 views

CVE-2024-39163

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

8.8 CVSS, 5.7 AI score, 0.00223 EPSS
Exploits: 0, References: 2

NVD
added 2024/12/04 5:15 p.m., 12 views

CVE-2024-39163

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

8.8 CVSS, 0.00223 EPSS
Exploits: 0, References: 2

CVE
added 2024/12/04 12:0 a.m., 58 views

CVE-2024-39163

The CVE-2024-39163 entry concerns binux/pyspider up to v0.3.10, with a Cross‑Site Request Forgery (CSRF) vulnerability through the Flask endpoints. Affected component: pyspider’s Flask endpoints (web UI). Root cause: CSRF exposure enabling state manipulation via Flask routes (details consistent a...

8.8 CVSS, 7.6 AI score, 0.00223 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2024/12/04 12:0 a.m., 10 views

CVE-2024-39163

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

8.9 AI score, 0.00223 EPSS
Exploits: 0, References: 2

Cvelist
added 2024/12/04 12:0 a.m., 20 views

CVE-2024-39163

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints...

0.00223 EPSS
Exploits: 0, References: 2

CNNVD
added 2024/12/04 12:0 a.m., 4 views

pyspider security vulnerability

pyspider is a powerful web crawler system open-sourced by Roy Binux. A security vulnerability exists in pyspider v0.3.10 and earlier versions, which stems from vulnerability to cross-site request forgery initiated via a Flask endpoint...

8.8 CVSS, 6.5 AI score, 0.00223 EPSS
Exploits: 0, References: 2

OSV
added 2024/11/29 6:35 a.m., 6 views

GHSA-X4X5-JX9J-MMV7 pyspider Cross-site Scripting vulnerability

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1 CVSS, 6.2 AI score, 0.00403 EPSS
Exploits: 0, References: 4

Github Security Blog
added 2024/11/29 6:35 a.m., 12 views

pyspider Cross-site Scripting vulnerability

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1 CVSS, 6.9 AI score, 0.00403 EPSS
Exploits: 0, References: 5, Affected Software: 1

NVD
added 2024/11/29 6:15 a.m., 18 views

CVE-2024-39162

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1 CVSS, 0.00403 EPSS
Exploits: 0, References: 3

OSV
added 2024/11/29 6:15 a.m., 6 views

CVE-2024-39162

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1 CVSS, 6.3 AI score
Exploits: 0, References: 3

Snyk
added 2024/11/29 5:40 a.m., 4 views

Cross-site Scripting (XSS)

Overview: pyspider is an A Powerful Spider System in Python. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the /update endpoint due to improper sanitization of the name parameter. Note: To successfully exploit this vulnerability in a real-life scenario, the...

6.1 CVSS, 5.3 AI score, 0.00403 EPSS
Exploits: 0, References: 2

CNNVD
added 2024/11/29 12:0 a.m., 4 views

PySpider security vulnerability

pyspider is a powerful web crawler system open-sourced by Roy Binux. A security vulnerability exists in PySpider version 0.3.10 and earlier, which stems from a failure to properly sanitize the name parameter, allowing cross-site scripting attacks via the /update endpoint...

6.1 CVSS, 5.9 AI score, 0.00403 EPSS
Exploits: 0, References: 3

Vulnrichment
added 2024/11/29 12:0 a.m., 19 views

CVE-2024-39162

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.9 AI score, 0.00403 EPSS
Exploits: 0, References: 3

Positive Technologies
added 2024/11/29 12:0 a.m., 4 views

PT-2024-28372 · Pyspider · Pyspider

Name of the Vulnerable Software and Affected Versions: pyspider versions 0.3.10 and earlier. Description: The issue allows for Cross Site Scripting (XSS) via the /update endpoint. This affects products that are no longer supported by the maintainer. Recommendations: For versions 0.3.10 and earlier, ...

6.1 CVSS, 6.2 AI score, 0.00403 EPSS
Exploits: 0, References: 9

Cvelist
added 2024/11/29 12:0 a.m., 21 views

CVE-2024-39162

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

0.00403 EPSS
Exploits: 0, References: 3