VYPR

SABnzbd

by sabnzbd

CVEs (3)

  • CVE-2020-13124HigAug 11, 2020
    risk 0.58cvss 8.8epss 0.05

    SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.

  • CVE-2021-29488MedMay 7, 2021
    risk 0.28cvss 4.3epss 0.01

    SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd…

  • CVE-2023-34237HigJun 7, 2023
    risk 0.00cvss 8.1epss 0.02

    SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd…