Froxlor Froxlor vulnerabilities
25 known vulnerabilities affecting froxlor/froxlor_froxlor.
Total CVEs
25
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH9MEDIUM13LOW1
Vulnerabilities
Page 1 of 2
CVE-2023-0315P2HIGHCVSS 8.8PoC≥ unspecified, < 2.0.82023-01-16
CVE-2023-0315 [HIGH] CWE-77 CVE-2023-0315: Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
nvd
CVE-2023-2034P2HIGHCVSS 8.8≥ unspecified, < 2.0.142023-04-14
CVE-2023-2034 [HIGH] CWE-434 CVE-2023-2034: Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14
Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14.
nvd
CVE-2022-3869P3MEDIUMCVSS 6.1PoC≥ unspecified, < 0.10.38.22022-11-05
CVE-2022-3869 [MEDIUM] CWE-94 CVE-2022-3869: Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.
Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.
nvd
CVE-2023-0877P3HIGHCVSS 8.8≥ unspecified, < 2.0.112023-02-17
CVE-2023-0877 [HIGH] CWE-94 CVE-2023-0877: Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.
nvd
CVE-2023-1307P3CRITICALCVSS 9.8≥ unspecified, < 2.0.132023-03-10
CVE-2023-1307 [CRITICAL] CWE-305 CVE-2023-1307: Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13.
Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13.
nvd
CVE-2023-0671P3HIGHCVSS 8.8≥ unspecified, < 2.0.102023-02-04
CVE-2023-0671 [HIGH] CWE-94 CVE-2023-0671: Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2023-3173P3CRITICALCVSS 9.8≥ unspecified, < 2.0.202023-06-09
CVE-2023-3173 [CRITICAL] CWE-307 CVE-2023-3173: Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior
Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20.
nvd
CVE-2023-3172P3HIGHCVSS 7.2≥ unspecified, < 2.0.202023-06-09
CVE-2023-3172 [HIGH] CWE-22 CVE-2023-3172: Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.
Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.
nvd
CVE-2023-0564P3HIGHCVSS 7.5≥ unspecified, < 2.0.102023-01-29
CVE-2023-0564 [HIGH] CWE-521 CVE-2023-0564: Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2023-3668P3HIGHCVSS 7.2≥ unspecified, < 2.0.212023-07-14
CVE-2023-3668 [HIGH] CWE-116 CVE-2023-3668: Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.
nvd
CVE-2023-1033P4HIGHCVSS 8.8≥ unspecified, < 2.0.112023-02-25
CVE-2023-1033 [HIGH] CWE-352 CVE-2023-1033: Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11.
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11.
nvd
CVE-2023-2666P4HIGHCVSS 7.5≥ unspecified, < 2.0.162023-05-12
CVE-2023-2666 [HIGH] CWE-770 CVE-2023-2666: Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2
Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16.
nvd
CVE-2022-3017P4MEDIUMCVSS 6.5≥ unspecified, < 0.10.382022-08-28
CVE-2022-3017 [MEDIUM] CWE-352 CVE-2022-3017: Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38.
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38.
nvd
CVE-2023-0316P4MEDIUMCVSS 5.5≥ unspecified, < 2.0.02023-01-16
CVE-2023-0316 [MEDIUM] CWE-29 CVE-2023-0316: Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.
nvd
CVE-2022-4864P4MEDIUMCVSS 5.4≥ unspecified, < 2.0.0-beta12022-12-30
CVE-2022-4864 [MEDIUM] CWE-88 CVE-2022-4864: Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
nvd
CVE-2023-0572P4MEDIUMCVSS 5.3≥ unspecified, < 2.0.102023-01-29
CVE-2023-0572 [MEDIUM] CWE-391 CVE-2023-0572: Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.
Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2023-4829P4MEDIUMCVSS 5.4≥ unspecified, < 2.0.222023-10-13
CVE-2023-4829 [MEDIUM] CWE-79 CVE-2023-4829: Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.
Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.
nvd
CVE-2023-3192P4MEDIUMCVSS 5.4≥ unspecified, < 2.1.02023-06-11
CVE-2023-3192 [MEDIUM] CWE-384 CVE-2023-3192: Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0.
Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0.
nvd
CVE-2023-0565P4MEDIUMCVSS 4.9≥ unspecified, < 2.0.102023-01-29
CVE-2023-0565 [MEDIUM] CWE-840 CVE-2023-0565: Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.
nvd
CVE-2022-3721P4MEDIUMCVSS 4.6≥ unspecified, < 0.10.392022-11-04
CVE-2022-3721 [MEDIUM] CWE-94 CVE-2022-3721: Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.
Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.
nvd
1 / 2Next →