CVE-2023-47890
https://notcve.org/view.php?id=CVE-2023-47890
pyLoad 0.5.0 is vulnerable to Unrestricted File Upload. pyLoad 0.5.0 es vulnerable a la carga de archivos sin restricciones. • http://pyload.com https://github.com/pyload/pyload/security/advisories/GHSA-h73m-pcfw-25h2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-0509 – Improper Certificate Validation in pyload/pyload
https://notcve.org/view.php?id=CVE-2023-0509
Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44. Validación de certificado incorrecta en pyload/pyload del repositorio de GitHub antes de 0.5.0b3.dev44. • https://github.com/pyload/pyload/commit/a9098bdf7406e6faf9df3da6ff2d584e90c13bbb https://huntr.dev/bounties/a370e0c2-a41c-4871-ad91-bc6f31a8e839 • CWE-295: Improper Certificate Validation •
CVE-2023-0488 – Cross-site Scripting (XSS) - Stored in pyload/pyload
https://notcve.org/view.php?id=CVE-2023-0488
Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42. Cross site scripting (XSS): almacenado en el repositorio de GitHub pyload/pyload anterior a 0.5.0b3.dev42. • https://github.com/pyload/pyload/commit/46d75a3087f3237d06530d55998938e2e2bda6bd https://huntr.dev/bounties/4311d8d7-682c-4f2a-b92c-3f9f1a36255a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-0434 – Improper Input Validation in pyload/pyload
https://notcve.org/view.php?id=CVE-2023-0434
Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40. Validación de entrada incorrecta en pyload/pyload del repositorio de GitHub antes de 0.5.0b3.dev40. • https://github.com/pyload/pyload/commit/a2b1eb1028f45ac58dea5f58593c1d3db2b4a104 https://huntr.dev/bounties/7d9332d8-6997-483b-9fb9-bcf2ae01dad4 • CWE-20: Improper Input Validation •
CVE-2023-0435 – Excessive Attack Surface in pyload/pyload
https://notcve.org/view.php?id=CVE-2023-0435
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41. Superficie de ataque excesiva en pyload/pyload del repositorio de GitHub anterior a 0.5.0b3.dev41. • https://github.com/pyload/pyload/commit/431ea6f0371d748df66b344a05ca1a8e0310cff3 https://huntr.dev/bounties/a3e32ad5-caee-4f43-b10a-4a876d4e3f1d • CWE-1125: Excessive Attack Surface •