Vulnerabilidades en Pyload
45 resultadosCVE-2023-0297CRITICAL Code Injection in pyload/pyloadEPSS 97.0%CVE-2024-21644HIGHpyLoad unauthenticated flask configuration leakageEPSS 42.2%CVE-2024-21645MEDIUMpyLoad Log InjectionEPSS 24.5%CVE-2024-32880CRITICALpyLoad allows upload to arbitrary folder lead to RCEEPSS 1.3%CVE-2025-53890CRITICALpyLoad vulnerable to remote code execution through js2py onCaptchaResultEPSS 1.1%CVE-2025-54802CRITICALpyLoad CNL Blueprint is vulnerable to Path Traversal through `dlc_path` leading to Remote Code Execution (RCE)EPSS 1.1%CVE-2024-22416CRITICALCross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalationEPSS 0.9%CVE-2023-0488CRITICALCross-site Scripting (XSS) - Stored in pyload/pyloadEPSS 0.8%CVE-2023-0434MEDIUMImproper Input Validation in pyload/pyloadEPSS 0.8%CVE-2026-35463HIGHpyLoad has Improper Neutralization of Special Elements used in an OS CommandEPSS 0.8%CVE-2023-0435MEDIUMExcessive Attack Surface in pyload/pyloadEPSS 0.7%CVE-2024-47821CRITICALpyLoad vulnerable to remote code execution by download to /.pyload/scripts using /flashgot APIEPSS 0.7%CVE-2023-0227HIGHInsufficient Session Expiration in pyload/pyloadEPSS 0.7%CVE-2025-54140HIGHpyLoad has Path Traversal Vulnerability in json/upload Endpoint that allows Arbitrary File WriteEPSS 0.6%CVE-2024-24808MEDIUMpyLoad open redirect vulnerability due to improper validation of the is_safe_url functionEPSS 0.5%CVE-2026-33509HIGHpyload-ng: SETTINGS Permission Users Can Achieve Remote Code Execution via Unrestricted Reconnect Script ConfigurationEPSS 0.5%CVE-2026-35464HIGHpyLoad has an incomplete fix for CVE-2026-33509: unprotected storage_folder enables arbitrary file write to Flask session store and code executionEPSS 0.5%CVE-2023-0509HIGHImproper Certificate Validation in pyload/pyloadEPSS 0.5%CVE-2026-29778HIGHpyLoad: Arbitrary File Write via Path Traversal in edit_package()EPSS 0.5%CVE-2023-0057LOWImproper Restriction of Rendered UI Layers or Frames in pyload/pyloadEPSS 0.5%