cbcvebase.

Froxlor Froxlor vulnerabilities

25 known vulnerabilities affecting froxlor/froxlor_froxlor.

Total CVEs
25
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH9MEDIUM13LOW1

Vulnerabilities

Page 1 of 2
CVE-2023-0315P2HIGHCVSS 8.8PoC≥ unspecified, < 2.0.82023-01-16
CVE-2023-0315 [HIGH] CWE-77 CVE-2023-0315: Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8. Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
nvd
CVE-2023-2034P2HIGHCVSS 8.8≥ unspecified, < 2.0.142023-04-14
CVE-2023-2034 [HIGH] CWE-434 CVE-2023-2034: Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14 Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14.
nvd
CVE-2022-3869P3MEDIUMCVSS 6.1PoC≥ unspecified, < 0.10.38.22022-11-05
CVE-2022-3869 [MEDIUM] CWE-94 CVE-2022-3869: Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2. Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.
nvd
CVE-2023-0877P3HIGHCVSS 8.8≥ unspecified, < 2.0.112023-02-17
CVE-2023-0877 [HIGH] CWE-94 CVE-2023-0877: Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11. Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.
nvd
CVE-2023-1307P3CRITICALCVSS 9.8≥ unspecified, < 2.0.132023-03-10
CVE-2023-1307 [CRITICAL] CWE-305 CVE-2023-1307: Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13. Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13.
nvd
CVE-2023-0671P3HIGHCVSS 8.8≥ unspecified, < 2.0.102023-02-04
CVE-2023-0671 [HIGH] CWE-94 CVE-2023-0671: Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10. Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2023-3173P3CRITICALCVSS 9.8≥ unspecified, < 2.0.202023-06-09
CVE-2023-3173 [CRITICAL] CWE-307 CVE-2023-3173: Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20.
nvd
CVE-2023-3172P3HIGHCVSS 7.2≥ unspecified, < 2.0.202023-06-09
CVE-2023-3172 [HIGH] CWE-22 CVE-2023-3172: Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20. Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.
nvd
CVE-2023-0564P3HIGHCVSS 7.5≥ unspecified, < 2.0.102023-01-29
CVE-2023-0564 [HIGH] CWE-521 CVE-2023-0564: Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10. Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2023-3668P3HIGHCVSS 7.2≥ unspecified, < 2.0.212023-07-14
CVE-2023-3668 [HIGH] CWE-116 CVE-2023-3668: Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21. Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.
nvd
CVE-2023-1033P4HIGHCVSS 8.8≥ unspecified, < 2.0.112023-02-25
CVE-2023-1033 [HIGH] CWE-352 CVE-2023-1033: Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11. Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11.
nvd
CVE-2023-2666P4HIGHCVSS 7.5≥ unspecified, < 2.0.162023-05-12
CVE-2023-2666 [HIGH] CWE-770 CVE-2023-2666: Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2 Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16.
nvd
CVE-2022-3017P4MEDIUMCVSS 6.5≥ unspecified, < 0.10.382022-08-28
CVE-2022-3017 [MEDIUM] CWE-352 CVE-2022-3017: Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38. Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38.
nvd
CVE-2023-0316P4MEDIUMCVSS 5.5≥ unspecified, < 2.0.02023-01-16
CVE-2023-0316 [MEDIUM] CWE-29 CVE-2023-0316: Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0. Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.
nvd
CVE-2022-4864P4MEDIUMCVSS 5.4≥ unspecified, < 2.0.0-beta12022-12-30
CVE-2022-4864 [MEDIUM] CWE-88 CVE-2022-4864: Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
nvd
CVE-2023-0572P4MEDIUMCVSS 5.3≥ unspecified, < 2.0.102023-01-29
CVE-2023-0572 [MEDIUM] CWE-391 CVE-2023-0572: Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10. Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2023-4829P4MEDIUMCVSS 5.4≥ unspecified, < 2.0.222023-10-13
CVE-2023-4829 [MEDIUM] CWE-79 CVE-2023-4829: Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22. Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.
nvd
CVE-2023-3192P4MEDIUMCVSS 5.4≥ unspecified, < 2.1.02023-06-11
CVE-2023-3192 [MEDIUM] CWE-384 CVE-2023-3192: Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0. Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0.
nvd
CVE-2023-0565P4MEDIUMCVSS 4.9≥ unspecified, < 2.0.102023-01-29
CVE-2023-0565 [MEDIUM] CWE-840 CVE-2023-0565: Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10. Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2022-3721P4MEDIUMCVSS 4.6≥ unspecified, < 0.10.392022-11-04
CVE-2022-3721 [MEDIUM] CWE-94 CVE-2022-3721: Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39. Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.
nvd
Froxlor Froxlor vulnerabilities | cvebase