6 matches found
CVE-2024-50649
The user avatar upload function in pythonbook V1.0 has an arbitrary file upload vulnerability...
CVE-2024-50650
pythonbook V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter...
CVE-2024-50649
The CVE-2024-50649 entry describes an arbitrary file upload vulnerability in the user avatar upload function of python_book V1.0. Affected component: user avatar upload handler in python_book. Root cause: arbitrary file upload capability enabling potentially unsafe files to be uploaded. Impact: a...
CVE-2024-50650
Python_book V1.0 is affected by an Incorrect Access Control vulnerability that lets an attacker obtain sensitive information of users by modifying the ID parameter. Root cause appears to be inadequate authorization for ID-based requests. Reported across multiple sources (NVD, Red Hat, CNNVD, CVE ...
CVE-2024-50650
pythonbook V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter...
CVE-2024-50649
The user avatar upload function in pythonbook V1.0 has an arbitrary file upload vulnerability...