CVE-2023-50473

Cross-Site Scripting XSS vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers SID in index.js file...

EUVD-2025-25195

Malicious code in bioql PyPI...

Path Traversal

qbitmanage is vulnerable to Path Traversal. The vulnerability is due to improper validation of the backupid parameter in the restoreconfigfrombackup endpoint, which allows an attacker to bypass directory restrictions and read arbitrary files from the server filesystem...

CVE-2025-55295

A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restoreconfigfrombackup endpoint. The vulnerability allows attackers to bypass directory restrictions and read arbitrary files from the serv...

CVE-2025-55295

CVE-2025-55295 is a path traversal flaw in qBit Manage’s web API. Authenticated users can bypass directory restrictions via the backup_id parameter in the restore_config_from_backup endpoint, allowing reading of arbitrary server files. The issue affects qBit Manage prior to version 4.5.4. The fix...

CVE-2025-55295 qBit Manage Path Traversal Vulnerability

qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restoreconfigfrombackup endpoint. The vulnerability...

CVE-2025-55295 qBit Manage Path Traversal Vulnerability

qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restoreconfigfrombackup endpoint. The vulnerability...

CVE-2025-55295 qBit Manage Path Traversal Vulnerability

qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restoreconfigfrombackup endpoint. The vulnerability...

qBit Manage 路径遍历漏洞

qBit Manage is an open source seed management tool by StuffAnThings. A path traversal vulnerability exists in qBit Manage, which stems from the presence of path traversal in the web API, which could lead to reading arbitrary files...

PT-2025-33819 · Unknown · Qbit Manage

Name of the Vulnerable Software and Affected Versions: qBit Manage versions prior to 4.5.4 Description: A path traversal vulnerability exists in qBit Manage's web API that allows authenticated users to read arbitrary files from the server filesystem. The vulnerability is located in the restore...

CVE-2023-50473

Cross-Site Scripting XSS vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers SID in index.js file...

CVE-2023-50473

Cross-Site Scripting XSS vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers SID in index.js file...

Cross site scripting

Cross-Site Scripting XSS vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers SID in index.js file...

qBit MatUI Security Vulnerability

qBit MatUI is a material WebUI for qBittorrent by the individual developer Bilal Ahmed. A security vulnerability exists in qBit MatUI version 1.16.4, which stems from the presence of a cross-site scripting XSS vulnerability that allows remote attackers to obtain sensitive information via a fixed...

PT-2023-31574 · Unknown · Bill-Ahmed Qbit-Matui

Name of the Vulnerable Software and Affected Versions: bill-ahmed qbit-matUI version 1.16.4 Description: The issue is a Cross-Site Scripting XSS vulnerability that allows remote attackers to obtain sensitive information via fixed session identifiers SID in the index.js file. This vulnerability...

CVE-2023-50473

CVE-2023-50473 affects bill-ahmed qbit-matUI v1.16.4. The issue is a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to obtain sensitive information via fixed session identifiers (SID) in the index.js file. Connected sources also indicate a remediation path: update to a newe...

qBit /pages/getPage parameter p SQL Injection

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.api.request import req from pocsuite.api.poc import register from pocsuite.api.poc import Output, POCBase import re import random import hashlib class TestPOCPOCBase: vulID = '1' ssvid version = '1.0' author =...