| Identifier | Related Record | Severity | Date Published | Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2024-32880 | BDSA-2024-2123 | High | Apr 26, 2024 | pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to ... | 0.4.20, v0.5.0, 0.1, v0.4.9, v0.4.8, v0.4.7, v0.4.6, v0.4.5, v0.4.4, v0.4.3 |
| CVE-2024-24808 | | Medium | Feb 06, 2024 | pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values w ... | 0.4.20, v0.5.0, 0.1, v0.4.9, v0.4.8, v0.4.7, v0.4.6, v0.4.5, v0.4.4, v0.4.3 |
| CVE-2023-0509 | | High | Jan 26, 2023 | Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44. | 0.4.20, v0.6.8, v0.6.7, v0.6.5, v0.6.4, v0.6.6, v0.6.2, v0.6.0, v0.6.1, v0.5.2 |
| CVE-2023-0488 | | Medium | Jan 26, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42. | 0.4.20, v0.6.8, v0.6.7, v0.6.5, v0.6.4, v0.6.6, v0.6.2, v0.6.0, v0.6.1, v0.5.2 |
| CVE-2023-0435 | | Critical | Jan 22, 2023 | Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41. | 0.4.20, 0.1, v0.4.9, v0.4.8, v0.4.7, v0.4.6, v0.4.5, v0.4.4, v0.4.3, v0.4.2 |
| CVE-2023-0297 | | Critical | Jan 14, 2023 | Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. | 0.4.20, 0.1, v0.4.9, v0.4.8, v0.4.7, v0.4.6, v0.4.5, v0.4.4, v0.4.3, v0.4.2 |
| CVE-2023-0227 | | Medium | Jan 12, 2023 | Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36. | 0.4.20, v0.6.8, v0.6.7, v0.6.5, v0.6.4, v0.6.6, v0.6.2, v0.6.0, v0.6.1, v0.5.2 |
| CVE-2023-0057 | | Medium | Jan 05, 2023 | Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33. | 0.4.20, v0.6.8, v0.6.7, v0.6.5, v0.6.4, v0.6.6, v0.6.2, v0.6.0, v0.6.1, v0.5.2 |
| BDSA-2025-9611 | | Medium | Aug 22, 2025 | pyLoad is vulnerable to denial-of-service (DoS) due to inadequate verification of the `jk` parameter in the `addcrypted2` function. This could allow an ... | |
| BDSA-2025-8465 | | High | Aug 12, 2025 | pyLoad is vulnerable to SQL injection (SQLi) due to improper handling of user input in the `add_links` parameter of the `/json/add_package` API. This c ... | |