Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PydioCells

3 matches found

CVE
CVEadded 2020/06/05 1:15 p.m.64 views

CVE-2020-12848

In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link option, a hidden shared user account is created in the backend with a random username. An anonymous user that obtains a valid public link can get the associated hidden account username and password and...

5.8CVSS5.9AI score0.0051EPSS
CVE
CVEadded 2020/06/05 1:15 p.m.64 views

CVE-2020-12849

Pydio Cells 2.0.4 allows any user to upload a profile image to the web application, including standard and shared user roles. These profile pictures can later be accessed directly with the generated URL by any unauthenticated or authenticated user.

5.4CVSS5.9AI score0.0063EPSS
CVE
CVEadded 2023/06/08 9:15 p.m.46 views

CVE-2023-32751

Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it i...

5.4CVSS5.3AI score0.00795EPSS