CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

15 Nov 2024 — python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter. • https://github.com/Yllxx03/CVE/blob/main/python_book/BrokenAccessControl.md • CWE-863: Incorrect Authorization

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

15 Nov 2024 — The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability. • https://github.com/Yllxx03/CVE/blob/main/python_book/FileUpload.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')