Deluge
Sign in to watchCVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-9031 | Cri | 0.64 | 9.8 | 0.01 | May 17, 2017 | The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. | |
| CVE-2017-7178 | Hig | 0.60 | 8.8 | 0.01 | Mar 18, 2017 | CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin. |