pyload-ng@0.5.0b3.dev75 vulnerabilities

The free and open-source Download Manager written in pure Python

Direct Vulnerabilities

Known vulnerabilities in the pyload-ng package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • C (Critical)
Command Injection

pyload-ng is the free and open-source download manager written in pure Python.

Affected versions of this package are vulnerable to Command Injection via the flashgot API and the download process. An attacker can execute arbitrary code by manipulating the download path to target the scripts directory and spoofing HTTP headers to bypass security checks. This is only exploitable if the server settings allow changing the download folder to a scripts directory and the permissions for downloaded files are improperly set.

How to fix Command Injection?

Upgrade pyload-ng to version 0.5.0b3.dev87 or higher.

Vulnerable versions: [,0.5.0b3.dev87)
  • C (Critical)
Improper Control of Generation of Code ('Code Injection')

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') through the /flash/addcrypted2 API endpoint that uses js2py, which is vulnerable to Code Injection. An attacker can execute arbitrary shell commands by sending a specially crafted request that bypasses the localhost-only restriction using a modified HTTP header.

Note:

Any pyload-ng instance running under Python 3.11 or below is vulnerable.

pyload-ng doesn't use js2py on Python 3.12 or above.

How to fix Improper Control of Generation of Code ('Code Injection')?

Upgrade pyload-ng to version 0.5.0b3.dev87 or higher.

Vulnerable versions: [,0.5.0b3.dev87)
  • C (Critical)
Unrestricted Upload of File with Dangerous Type

Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type due to the ability to change the download folder and upload a crafted template. An attacker can execute arbitrary code on the server by uploading a malicious template file to a specified folder and then navigating to a URL that renders the uploaded template.

How to fix Unrestricted Upload of File with Dangerous Type?

Upgrade pyload-ng to version 0.5.0b3.dev85 or higher.

Vulnerable versions: [,0.5.0b3.dev85)
  • M (Medium)
Open Redirect

Affected versions of this package are vulnerable to Open Redirect via the is_safe_url function. By manipulating the URL input in the next variable to bypass URL validation, an attacker can redirect users to malicious websites, which may be used for phishing and similar attacks.

How to fix Open Redirect?

Upgrade pyload-ng to version 0.5.0b3.dev79 or higher.

Vulnerable versions: [,0.5.0b3.dev79)
  • C (Critical)
Cross-site Request Forgery (CSRF)

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) due to the API accepting GET requests without proper validation. An attacker can perform unauthorized actions on behalf of a legitimate user due to the session cookie not being set to SameSite: strict.

How to fix Cross-site Request Forgery (CSRF)?

Upgrade pyload-ng to version 0.5.0b3.dev78 or higher.

Vulnerable versions: [,0.5.0b3.dev78)
  • M (Medium)
Improper Output Neutralization for Logs

Affected versions of this package are vulnerable to Improper Output Neutralization for Logs. An attacker can inject arbitrary messages into the logs via the username, which could be used to obscure their activities or falsely implicate another individual in malicious actions.

How to fix Improper Output Neutralization for Logs?

Upgrade pyload-ng to version 0.5.0b3.dev77 or higher.

Vulnerable versions: [,0.5.0b3.dev77)
  • H (High)
Insertion of Sensitive Information into Externally-Accessible File or Directory

Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory due to improper handling of a specific URL which exposes the Flask config, including the SECRET_KEY variable. An attacker can gain access to sensitive information by navigating to the exposed URL without authentication.

How to fix Insertion of Sensitive Information into Externally-Accessible File or Directory?

Upgrade pyload-ng to version 0.5.0b3.dev77 or higher.

Vulnerable versions: [,0.5.0b3.dev77)