mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-30 02:00:45 +00:00
935 B
935 B
CVE-2024-32880
Description
pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.
POC
Reference
- https://github.com/pyload/pyload/security/advisories/GHSA-3f7w-p8vr-4v5f
- https://github.com/pyload/pyload/security/advisories/GHSA-3f7w-p8vr-4v5f