← Zuruck zu CVEs
CVE-2025-55156
N/ABeschreibung
pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter add_links in API /json/add_package is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched in version 0.5.0b3.dev91.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht8/11/2025
Zuletzt geandert8/12/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-89
Referenzen
https://github.com/pyload/pyload/blob/develop/src/pyload/core/database/file_database.py#L271(security-advisories@github.com)
https://github.com/pyload/pyload/commit/134edcdf6e2a10c393743c254da3d9d90b74258f(security-advisories@github.com)
https://github.com/pyload/pyload/security/advisories/GHSA-pwh4-6r3m-j2rf(security-advisories@github.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.