Filtered by vendor Pydio
Subscriptions
Total
35 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6227 | 2 Ajaxplorer, Pydio | 2 Ajaxplorer, Pydio | 2024-02-14 | N/A |
| Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation. | ||||
| CVE-2023-32751 | 1 Pydio | 1 Cells | 2023-06-16 | 5.4 Medium |
| Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it is possible to generate valid signatures for arbitrary download URLs. By uploading an HTML file and modifying the download URL to serve the file inline instead of as an attachment, any included JavaScript code is executed when the URL is opened in a browser, leading to a cross-site scripting vulnerability. | ||||
| CVE-2023-32750 | 1 Pydio | 1 Cells | 2023-06-16 | 6.5 Medium |
| Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells. | ||||
| CVE-2023-32749 | 1 Pydio | 1 Cells | 2023-06-15 | 8.8 High |
| Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted. | ||||
| CVE-2018-1999017 | 1 Pydio | 1 Pydio | 2022-10-03 | N/A |
| Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authenticated admin users requesting arbitrary URL's, pivoting requests through the server. This attack appears to be exploitable via the attacker gaining access to an administrative account, enters a URL into Upgrade Engine, and reloads the page or presses "Check Now". This vulnerability appears to have been fixed in 8.2.1. | ||||
| CVE-2018-1999016 | 1 Pydio | 1 Pydio | 2022-10-03 | N/A |
| Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in ./core/vendor/meenie/javascript-packer/example-inline.php line 48; ./core/vendor/dapphp/securimage/examples/test.mysql.static.php lines: 114,118 that can result in an unauthenticated remote attacker manipulating the web client via XSS code injection. This attack appear to be exploitable via the victim openning a specially crafted URL. This vulnerability appears to have been fixed in version 8.2.1. | ||||
| CVE-2018-1999018 | 1 Pydio | 1 Pydio | 2022-10-03 | N/A |
| Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in An attacker gaining admin access and can then execute arbitrary commands on the underlying OS. This attack appear to be exploitable via The attacker edits the Antivirus Command in the antivirus plugin, and executes the payload by uploading any file within Pydio. | ||||
| CVE-2021-41325 | 1 Pydio | 1 Cells | 2022-07-12 | 6.5 Medium |
| Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.) | ||||
| CVE-2021-41324 | 1 Pydio | 1 Cells | 2021-10-07 | 6.5 Medium |
| Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete). | ||||
| CVE-2021-41323 | 1 Pydio | 1 Cells | 2021-10-07 | 6.5 Medium |
| Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter. | ||||
| CVE-2019-12902 | 1 Pydio | 1 Cells | 2021-07-21 | N/A |
| Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon deletion. This allows a new user, holding the same User ID as a deleted user, to restore the deleted user's data. | ||||
| CVE-2020-12848 | 1 Pydio | 1 Cells | 2021-07-21 | 5.4 Medium |
| In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link option, a hidden shared user account is created in the backend with a random username. An anonymous user that obtains a valid public link can get the associated hidden account username and password and proceed to login to the web application. Once logged into the web application with the hidden user account, some actions that were not available with the public share link can now be performed. | ||||
| CVE-2019-9642 | 1 Pydio | 1 Pydio | 2021-07-21 | N/A |
| An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created by the guest account, with execution via a proxy.php?hash=../../../../../var/lib/pydio/data/personal/guest/PoC.php request. This is related to plugins/action.share/src/Store/ShareStore.php. | ||||
| CVE-2020-12847 | 1 Pydio | 1 Cells | 2021-07-21 | 7.2 High |
| Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console” that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the application’s mailer configuration. It is possible to configure a few engines to be used by the mailer application to send emails. If the user selects the “sendmail” option as the default one, the web application offers to edit the full path where the sendmail binary is hosted. Since there is no restriction in place while editing this value, an attacker authenticated as an administrator user could force the web application into executing any arbitrary binary. | ||||
| CVE-2020-12851 | 1 Pydio | 1 Cells | 2021-07-21 | 8.1 High |
| Pydio Cells 2.0.4 allows an authenticated user to write or overwrite existing files in another user’s personal and cells folders (repositories) by uploading a custom generated ZIP file and leveraging the file extraction feature present in the web application. The extracted files will be placed in the targeted user folders. | ||||
| CVE-2019-12903 | 1 Pydio | 1 Cells | 2021-07-21 | N/A |
| Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails to handle this and includes the database column/table name as pert of the error message, exposing sensitive information. | ||||
| CVE-2019-10049 | 1 Pydio | 1 Pydio | 2020-08-24 | N/A |
| It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn opens a shared file that contains JavaScript code (that is executed in the context of the victim user to obtain sensitive information such as session identifiers and perform actions on behalf of him/her). | ||||
| CVE-2018-14772 | 1 Pydio | 1 Pydio | 2020-08-24 | N/A |
| Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection. | ||||
| CVE-2018-20718 | 1 Pydio | 1 Pydio | 2020-08-24 | N/A |
| In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link. | ||||
| CVE-2019-10046 | 1 Pydio | 1 Pydio | 2020-08-24 | N/A |
| An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information. | ||||