Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PydioCells

3 matches found

CVE
CVEadded 2019/06/20 12:15 a.m.195 views

CVE-2019-12902

Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon deletion. This allows a new user, holding the same User ID as a deleted user, to restore the deleted user's data.

6.5CVSS6.4AI score0.00327EPSS
CVE
CVEadded 2019/06/20 12:15 a.m.181 views

CVE-2019-12901

Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing an attacker with minimum privilege to Upload files to, and Delete files/folders from, an unprivileged directory, leading to Privilege escalation.

8.8CVSS8.7AI score0.00721EPSS
CVE
CVEadded 2019/06/20 12:15 a.m.173 views

CVE-2019-12903

Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails to handle this and includes the database column/table name as pert of the error message, exposing sensitive information.

4.3CVSS4.5AI score0.00226EPSS