Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PydioCells2.2.9

3 matches found

CVE
CVEadded 2021/09/30 9:15 p.m.38 views

CVE-2021-41324

Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete).

6.5CVSS6.2AI score0.00374EPSS
CVE
CVEadded 2021/09/30 7:15 p.m.35 views

CVE-2021-41325

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.)

6.5CVSS6.4AI score0.00209EPSS
CVE
CVEadded 2021/09/30 7:15 p.m.27 views

CVE-2021-41323

Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.

6.5CVSS6.2AI score0.0028EPSS