Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/01/03 9:18 p.m.3 views

CVE-2025-34171 CasaOS <= 0.4.15 Unauthenticated File and Debug Data Exposure

CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access files under...

6.9CVSS6.2AI score0.00548EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/26 12:0 a.m.22 views

CVE-2024-42007

SPX aka php-spx through 0.4.15 allows SPXUIURI Directory Traversal to read arbitrary files...

5.8CVSS6.9AI score0.00639EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.10 views

PT-2024-29686 · Spx · Spx

Name of the Vulnerable Software and Affected Versions: SPX aka php-spx versions 0.4.15 and earlier Description: The issue allows for SPX UI URI Directory Traversal, enabling the reading of arbitrary files. Recommendations: For SPX aka php-spx versions 0.4.15 and earlier, consider restricting acce...

5.8CVSS7.2AI score0.00639EPSS
Exploits1References6
CBLMariner
CBLMariner
added 2022/04/26 10:5 p.m.47 views

CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20

CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20. A patched version of the package is available...

7.5CVSS7.8AI score0.04284EPSS
Exploits1
OSV
OSV
added 2020/09/30 6:15 p.m.5 views

UBUNTU-CVE-2020-26154

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

9.8CVSS7.6AI score0.03569EPSS
Exploits0References3
OSV
OSV
added 2020/09/09 9:15 p.m.7 views

AZL-7270 CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

7.5CVSS7.1AI score0.04284EPSS
Exploits1References1
Rows per page
Query Builder