Allen Disk Security Vulnerabilities and Issues — Allen Disk CVE List

Lucene search

Allen Disk ProjectAllen Disk

3 matches found

CVE•added 2017/05/08 6:29 a.m.•41 views

CVE-2017-8832

Allen Disk 1.6 has XSS in the id parameter to downfile.php.

6.1CVSS5.9AI score0.00305EPSS

CVE•added 2017/05/08 5:29 p.m.•39 views

CVE-2017-8848

Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password.

6.5CVSS6.5AI score0.00098EPSS

CVE•added 2017/05/31 4:29 a.m.•39 views

CVE-2017-9307

SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to conduct port scans and access intranet servers via a crafted file parameter.

6.5CVSS6.1AI score0.00187EPSS