VYPR

python_book

by Yllxx03

CVEs (2)

  • CVE-2024-50649CriNov 15, 2024
    risk 0.64cvss 9.8epss 0.01

    The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.

  • CVE-2024-50650HigNov 15, 2024
    risk 0.49cvss 7.5epss 0.01

    python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.