VYPR

Moss

by Deep Project

Source repositories

CVEs (2)

  • CVE-2025-55383HigAug 21, 2025
    risk 0.56cvss 8.6epss 0.00

    Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server.

  • CVE-2024-57098Feb 3, 2025
    risk 0.00cvss epss 0.00

    Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter.