pyload pyload/pyload - 9 CVEs, 1 Versions

CVE-2024-1240

An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this vulnerability to redirect users to malicious sites, which can be used for phishing or other malicious activities. The issue is fixed in pyload-ng 0.5.0b3.dev79.

MEDIUM Nov 15, 2024

CVE-2023-0488

Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.

CRITICAL Jan 26, 2023

CVE-2023-0509

Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.

HIGH Jan 26, 2023

CVE-2023-0434

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40.

MEDIUM Jan 22, 2023

CVE-2023-0435

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41.

MEDIUM Jan 22, 2023

CVE-2023-0297

Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.

CRITICAL Jan 14, 2023

CVE-2023-0227

Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36.

HIGH Jan 12, 2023

CVE-2023-0057

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33.

LOW Jan 05, 2023

CVE-2023-0055

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.

LOW Jan 04, 2023

pyload/pyload

Versions

unspecified

Recent CVEs