VYPR

Doufox

by Doufox

CVEs (3)

  • CVE-2022-38621CriSep 16, 2022
    risk 0.66cvss 9.8epss 0.24

    Doufox v0.0.4 was discovered to contain a remote code execution (RCE) vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-42246HigNov 17, 2022
    risk 0.57cvss 8.8epss 0.00

    Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account.

  • CVE-2025-2215MedMar 12, 2025
    risk 0.31cvss 4.7epss 0.01

    A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou&c=file&a=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit…