Vulnerability Database

296,213

Total vulnerabilities in the database

CVE-2024-21644

pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRET_KEY variable. This issue has been patched in version 0.5.0b3.dev77.

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
Python icon pyload-ng - 0.5.0b3.dev77
pyload / pyload - 0.4.9.x
pyload / pyload 0.5.0-beta1 0.5.0-beta1.x
pyload / pyload 0.5.0-beta2 0.5.0-beta2.x