8 matches found

Packet Storm
added 2026/04/10 12:00 a.m., 90 views

📄 RomM Cross Site Scripting / File Upload

Chained exploit for RomM versions prior to 4.4.1 that leverages a file upload to achieve cross-site scripting, which then leverages CSRF token reuse to change a user's password. Exploit Title: RomM Application tab or Storage on Firefox Cookies - Copy the rommcsrftoken cookie value 3...

CVSS 7.6 | AI score 5.2 | EPSS 0.00033
Exploits: 2
RedhatCVE
added 2025/12/04 8:12 p.m., 2 views

CVE-2025-65027

RomM ROM Manager allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. RomM contains multiple unrestricted file upload vulnerabilities that allow authenticated users to upload malicious SVG or HTML files. When these files are accessed the...

CVSS 7.6 | AI score 5.9 | EPSS 0.00033
Exploits: 2 | References: 1
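The two upload entries above (the Packet Storm exploit and CVE-2025-65027) turn on one defect: user-supplied SVG or HTML is stored and later served in a way a browser renders inline, so the file becomes a script-execution vector in the application's origin. The Python below is an added example, not RomM's code; the accepted image formats, the function names and the header set are assumptions. It sniffs the content rather than trusting the extension, and shows the response headers that keep a stored file from executing even if one slips through validation.

```python
"""Content-sniff user uploads and serve stored files as non-executable downloads.

Added example, not RomM's code. The accepted image formats, the function names
and the header set are assumptions chosen to illustrate the fix for the
SVG/HTML upload issue described above."""
import re
from typing import Dict, Optional

# Magic-byte signatures for the image formats the hypothetical endpoint accepts.
ALLOWED_MAGIC = {
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
    b"RIFF": "image/webp",  # RIFF container; the WEBP tag at offset 8 is checked below
}

# Markup a browser would execute or render as a document if served inline.
_ACTIVE_MARKUP = re.compile(rb"<\s*(svg|html|script|body|iframe|!doctype)\b", re.IGNORECASE)


def sniff_image(data: bytes) -> Optional[str]:
    """MIME type if `data` starts with a known image signature, else None."""
    for magic, mime in ALLOWED_MAGIC.items():
        if data.startswith(magic):
            if mime == "image/webp" and data[8:12] != b"WEBP":
                return None
            return mime
    return None


def is_active_content(data: bytes) -> bool:
    """True if the start of `data` looks like SVG or HTML.

    A UTF-8 BOM, leading whitespace, an XML prolog and leading comments are
    skipped first: a typical SVG begins with <?xml ...?>, and browsers render
    it as SVG whatever extension it was uploaded under."""
    head = data[:2048].lstrip(b"\xef\xbb\xbf \t\r\n")
    head = re.sub(rb"^<\?xml[^>]*\?>\s*", b"", head)
    head = re.sub(rb"^(<!--.*?-->\s*)+", b"", head, flags=re.DOTALL)
    return _ACTIVE_MARKUP.match(head) is not None


def validate_upload(filename: str, data: bytes) -> str:
    """Decide whether an upload may be stored; returns the MIME type to record.

    Raises ValueError for active content or anything that is not a recognised
    image. The filename is never consulted for the decision."""
    if is_active_content(data):
        raise ValueError(f"{filename}: SVG/HTML content is not accepted")
    mime = sniff_image(data)
    if mime is None:
        raise ValueError(f"{filename}: not a recognised image format")
    return mime


def download_headers(filename: str, mime: str) -> Dict[str, str]:
    """Response headers for serving a stored user file.

    Forced download plus nosniff stops the browser treating the body as a
    document, and a sandboxing CSP disables script even if something is
    rendered; together they are the defence in depth behind validate_upload."""
    safe_name = re.sub(r"[^\w.\-]", "_", filename)
    return {
        "Content-Type": mime,
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed stub, not a real image
    svg = b'<?xml version="1.0"?>\n<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"/>'
    print(validate_upload("cover.png", png))
    try:
        validate_upload("cover.png", svg)
    except ValueError as e:
        print("rejected:", e)
```

Sniffing the body is the check that matters: an SVG renamed to .png still carries its XML prolog and svg root, and that is what the function keys on. The headers are the second layer; a download disposition with nosniff means even a file that is served back verbatim is not rendered in the application's origin, which is what the chained exploit above relies on.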
CVE
added 2025/12/03 7:39 p.m., 5 views

CVE-2025-65096

RomM (ROM Manager) prior to versions 4.4.1 and 4.4.1-beta.2 is vulnerable to Insecure Direct Object Reference (IDOR): an API access flaw that allows reading private or smart collections belonging to other users by directly supplying collection IDs, due to missing ownership verification/public/pri...

CVSS 5.3 | AI score 6.2 | EPSS 0.00036
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2025/12/03 12:00 a.m., 1 view

Romm security vulnerability

Romm is a beautiful, powerful, self-hostable ROM manager and player open-sourced by The RomM Project. A security vulnerability exists in Romm versions prior to 4.4.1 and prior to 4.4.1-beta.2, which stems from a lack of ownership validation and could lead to reading other users' private collectio...

CVSS 5.3 | AI score 6.5 | EPSS 0.00036
Exploits: 0 | References: 2
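CVE-2025-65096 and the CNNVD entry above describe the same missing check: the handler authenticates the caller but never asks whether that caller may see the collection whose ID it was handed. The Python below is an added example, not RomM's code; the Collection and User records, the in-memory store and the handler names are assumptions. It puts the unchecked lookup beside an object-level authorisation check and shows what a sequential-ID sweep yields against each.

```python
"""Object-level authorisation for a per-user resource fetched by ID.

Added example, not RomM's code: the Collection/User records, the in-memory
store and the handler names are assumptions chosen to illustrate the missing
ownership check the advisory describes and one way to add it."""
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class User:
    id: int
    is_admin: bool = False


@dataclass(frozen=True)
class Collection:
    id: int
    owner_id: int
    name: str
    is_public: bool


class NotFound(Exception):
    """Maps to HTTP 404 in the hypothetical API layer."""


# Constructed sample data: two users, one public and two private collections.
COLLECTIONS: Dict[int, Collection] = {
    1: Collection(1, owner_id=10, name="alice: favourites", is_public=True),
    2: Collection(2, owner_id=10, name="alice: unreleased", is_public=False),
    3: Collection(3, owner_id=20, name="bob: smart filter", is_public=False),
}


def get_collection_unchecked(collection_id: int, user: User) -> Collection:
    """IDOR pattern: the request is authenticated, the object is not authorised.
    Any logged-in user who supplies an ID receives that record."""
    try:
        return COLLECTIONS[collection_id]
    except KeyError:
        raise NotFound(collection_id) from None


def get_collection(collection_id: int, user: User) -> Collection:
    """Fixed pattern: authorise the object. A collection is visible if it is
    public, owned by the caller, or the caller is an admin."""
    col = COLLECTIONS.get(collection_id)
    if col is None:
        raise NotFound(collection_id)
    if col.is_public or col.owner_id == user.id or user.is_admin:
        return col
    # Answer 404, not 403: a 403 would confirm that a private collection with
    # this ID exists, which is itself a small information leak.
    raise NotFound(collection_id)


def sweep_ids(handler: Callable[[int, User], Collection], user: User,
              ids=range(1, 6)) -> List[int]:
    """What a sequential-ID sweep yields for `user` against a given handler."""
    visible = []
    for cid in ids:
        try:
            visible.append(handler(cid, user).id)
        except NotFound:
            continue
    return visible


if __name__ == "__main__":
    bob = User(id=20)
    print("unchecked:", sweep_ids(get_collection_unchecked, bob))
    print("checked:  ", sweep_ids(get_collection, bob))
```

The sweep is the practical test for this bug class: log in as a low-privilege user, walk IDs 1..N against the endpoint, and compare what comes back with what that user owns or is public. Against the unchecked handler Bob sees all three collections; against the checked one he sees only the public one and his own.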
RedhatCVE
added 2025/07/23 9:32 p.m., 4 views

CVE-2025-54071

RomM ROM Manager allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. In versions 4.0.0-beta.3 and below, an authenticated arbitrary file write vulnerability exists in the /api/saves endpoint. This can lead to Remote Code Execution on the...

CVSS 9.4 | AI score 7.1 | EPSS 0.03071
Exploits: 0 | References: 1
RedhatCVE
added 2025/07/18 8:05 p.m., 8 views

CVE-2025-53908

RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the /api/raw endpoint. Anyone running the latest version of RomM with multiple users, even unprivileged users such as the kiosk user in the official...

CVSS 8.3 | AI score 6.7 | EPSS 0.00359
Exploits: 0 | References: 1
Cvelist
added 2025/07/16 7:55 p.m., 9 views

CVE-2025-53908 RomM vulnerable to Authenticated Path Traversal

RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the /api/raw endpoint. Anyone running the latest version of RomM with multiple users, even unprivileged users such as the kiosk user in the official...

CVSS 8.3 | EPSS 0.00359
Exploits: 0 | References: 4
Vulnrichment
added 2025/07/16 7:55 p.m., 3 views

CVE-2025-53908 RomM vulnerable to Authenticated Path Traversal

RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the /api/raw endpoint. Anyone running the latest version of RomM with multiple users, even unprivileged users such as the kiosk user in the official...

CVSS 8.3 | AI score 6.7 | EPSS 0.00359
Exploits: 0 | References: 4
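CVE-2025-54071 (arbitrary file write via /api/saves) and CVE-2025-53908 (path traversal in /api/raw) are the same containment failure in opposite directions: a user-controlled path is joined to a library directory without confirming the result still lies inside it. The Python below is an added example, not RomM's code; the library and saves directories, read_rom, write_save and the sample inputs are constructed for illustration. One resolve-and-compare guard serves both endpoints. It rejects absolute paths and NUL bytes, canonicalises symlinks and dot-dot segments, and demo() exercises it inside a temporary tree against plain traversal, a planted symlink and an absolute path.

```python
"""Confine a user-supplied path to a library root before reading or writing it.

Added example, not RomM's code: the library layout, read_rom/write_save and
the root directories are assumptions; the point is the containment check that
a raw-file read endpoint and a save-file write endpoint both need. POSIX paths
are assumed."""
import os
import tempfile
from pathlib import Path


def resolve_under(root: Path, user_path: str) -> Path:
    """Return the canonical path for `user_path` inside `root`, or raise.

    Rejects absolute paths and NUL bytes outright, then resolves symlinks and
    `..` segments on both sides and requires the result to stay under `root`.
    Scanning the string for ".." is not enough: a symlink planted inside the
    library can point outside it without any dot segments at all."""
    if "\x00" in user_path or Path(user_path).is_absolute():
        raise PermissionError(f"rejected path: {user_path!r}")
    root = root.resolve()
    candidate = (root / user_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise PermissionError(f"path escapes library root: {user_path!r}")
    return candidate


def read_rom(library: Path, user_path: str) -> bytes:
    """Hypothetical /api/raw-style read, guarded by resolve_under."""
    return resolve_under(library, user_path).read_bytes()


def write_save(saves: Path, user_path: str, data: bytes) -> Path:
    """Hypothetical /api/saves-style write. The guard runs before any mkdir or
    write, so a traversal attempt cannot create directories outside the root."""
    target = resolve_under(saves, user_path)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return target


def demo() -> dict:
    """Run the guard against constructed inputs in a temporary library tree and
    report which ones it accepted."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        library = Path(tmp, "library")
        (library / "nes").mkdir(parents=True)
        (library / "nes" / "game.nes").write_bytes(b"NES\x1a")  # constructed stub
        secret = Path(tmp, "secret.txt")
        secret.write_text("outside the library")
        os.symlink(secret, library / "link.txt")  # planted symlink escape

        for p in ["nes/game.nes", "nes/../nes/game.nes", "../secret.txt",
                  "/etc/passwd", "link.txt", "nes\x00/game.nes"]:
            try:
                read_rom(library, p)
                results["read:" + p] = "ok"
            except PermissionError:
                results["read:" + p] = "rejected"

        saves = Path(tmp, "saves")
        saves.mkdir()
        for p in ["alice/game.srm", "../library/nes/game.nes", "../../../tmp/x.sh"]:
            try:
                write_save(saves, p, b"save data")
                results["write:" + p] = "ok"
            except PermissionError:
                results["write:" + p] = "rejected"
    return results


if __name__ == "__main__":
    for key, verdict in demo().items():
        print(f"{verdict:8s} {key!r}")
```

Resolving both sides before comparing is what makes the symlink case fail closed; a prefix check on the unresolved string would pass link.txt. For the write path the order matters too: the check has to precede the mkdir, otherwise a rejected request still leaves directories behind.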