Vendor
Doufox
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38621 | Cri | 0.66 | 9.8 | 0.24 | Sep 16, 2022 | Doufox v0.0.4 was discovered to contain a remote code execution (RCE) vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||
| CVE-2022-42246 | Hig | 0.57 | 8.8 | 0.00 | Nov 17, 2022 | Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account. | ||
| CVE-2025-2215 | Med | 0.31 | 4.7 | 0.01 | Mar 12, 2025 | A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou&c=file&a=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit… |
- risk 0.66cvss 9.8epss 0.24
Doufox v0.0.4 was discovered to contain a remote code execution (RCE) vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- risk 0.57cvss 8.8epss 0.00
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account.
- risk 0.31cvss 4.7epss 0.01
A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou&c=file&a=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit…