Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/froxlor/froxlor@0.10.0-rc2
Typecomposer
Namespacefroxlor
Namefroxlor
Version0.10.0-rc2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.3.7
Latest_non_vulnerable_version2.3.7
Affected_by_vulnerabilities
0
url VCID-13gb-yr6z-n7cc
vulnerability_id VCID-13gb-yr6z-n7cc
summary Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0877
reference_id
reference_type
scores
0
value 0.00457
scoring_system epss
scoring_elements 0.64459
published_at 2026-06-14T12:55:00Z
1
value 0.00457
scoring_system epss
scoring_elements 0.6445
published_at 2026-06-12T12:55:00Z
2
value 0.00457
scoring_system epss
scoring_elements 0.64463
published_at 2026-06-13T12:55:00Z
3
value 0.00457
scoring_system epss
scoring_elements 0.64348
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0877
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0877
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0877
3
reference_url https://github.com/froxlor/froxlor/commit/aa48ffca2bcaf7ae57be3b8147bb3138abdab984
reference_id aa48ffca2bcaf7ae57be3b8147bb3138abdab984
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-18T16:01:03Z/
url https://github.com/froxlor/froxlor/commit/aa48ffca2bcaf7ae57be3b8147bb3138abdab984
4
reference_url https://huntr.dev/bounties/b29cf038-06f1-4fb0-9437-08f2991f92a8
reference_id b29cf038-06f1-4fb0-9437-08f2991f92a8
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-18T16:01:03Z/
url https://huntr.dev/bounties/b29cf038-06f1-4fb0-9437-08f2991f92a8
5
reference_url https://github.com/advisories/GHSA-vp4r-h765-5mwp
reference_id GHSA-vp4r-h765-5mwp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vp4r-h765-5mwp
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.11
purl pkg:composer/froxlor/froxlor@2.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-44fu-9q5x-uuf8
3
vulnerability VCID-7e6h-qe19-jken
4
vulnerability VCID-9t9n-1hhp-3yga
5
vulnerability VCID-atns-wuzm-kqh2
6
vulnerability VCID-dptm-3z1r-bubj
7
vulnerability VCID-ebbm-gvf6-xfbd
8
vulnerability VCID-f15s-unrj-57ax
9
vulnerability VCID-gfgb-su1s-ubaj
10
vulnerability VCID-hhmm-9bdt-fyb5
11
vulnerability VCID-jvvz-9twe-8fb1
12
vulnerability VCID-nbu9-sey3-w7es
13
vulnerability VCID-rw5a-bgxw-bfbd
14
vulnerability VCID-tk6b-p759-jyfv
15
vulnerability VCID-tvgb-xmfz-tuf6
16
vulnerability VCID-u4pt-mr2z-j3f2
17
vulnerability VCID-vbvy-j84s-zygu
18
vulnerability VCID-w7xv-k4rd-v7bq
19
vulnerability VCID-x93s-u6kq-fbbe
20
vulnerability VCID-xpgs-hpf3-3qff
21
vulnerability VCID-y4zg-wf1d-4bcm
22
vulnerability VCID-yqdf-v5wf-j3bj
23
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.11
aliases CVE-2023-0877, GHSA-vp4r-h765-5mwp
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-13gb-yr6z-n7cc
1
url VCID-1rwn-9phn-kkb4
vulnerability_id VCID-1rwn-9phn-kkb4
summary Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessible to customers with DNS enabled) does not validate the content field for several DNS record types (LOC, RP, SSHFP, TLSA). An attacker can inject newlines and BIND zone file directives (e.g. $INCLUDE) into the zone file that gets written to disk when the DNS rebuild cron job runs. This issue has been patched in version 2.3.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30932
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07562
published_at 2026-06-11T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07584
published_at 2026-06-14T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07598
published_at 2026-06-12T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07593
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30932
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.5
reference_id 2.3.5
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:30:29Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.5
3
reference_url https://github.com/froxlor/froxlor/commit/b34829262dc32818b37f6a1eabb426d0b277a86b
reference_id b34829262dc32818b37f6a1eabb426d0b277a86b
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:30:29Z/
url https://github.com/froxlor/froxlor/commit/b34829262dc32818b37f6a1eabb426d0b277a86b
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30932
reference_id CVE-2026-30932
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30932
5
reference_url https://github.com/advisories/GHSA-x6w6-2xwp-3jh6
reference_id GHSA-x6w6-2xwp-3jh6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x6w6-2xwp-3jh6
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-x6w6-2xwp-3jh6
reference_id GHSA-x6w6-2xwp-3jh6
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:30:29Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-x6w6-2xwp-3jh6
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.5
purl pkg:composer/froxlor/froxlor@2.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9t9n-1hhp-3yga
1
vulnerability VCID-atns-wuzm-kqh2
2
vulnerability VCID-ebbm-gvf6-xfbd
3
vulnerability VCID-nbu9-sey3-w7es
4
vulnerability VCID-tvgb-xmfz-tuf6
5
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.5
aliases CVE-2026-30932, GHSA-x6w6-2xwp-3jh6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rwn-9phn-kkb4
2
url VCID-2mym-uwpj-v3he
vulnerability_id VCID-2mym-uwpj-v3he
summary Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0572
reference_id
reference_type
scores
0
value 0.00241
scoring_system epss
scoring_elements 0.47759
published_at 2026-06-13T12:55:00Z
1
value 0.00241
scoring_system epss
scoring_elements 0.47739
published_at 2026-06-14T12:55:00Z
2
value 0.00241
scoring_system epss
scoring_elements 0.47743
published_at 2026-06-12T12:55:00Z
3
value 0.00241
scoring_system epss
scoring_elements 0.47603
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0572
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0572
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0572
3
reference_url https://huntr.dev/bounties/4ab24ee2-3ff6-4248-9555-0af3e5f754ec
reference_id 4ab24ee2-3ff6-4248-9555-0af3e5f754ec
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:42:38Z/
url https://huntr.dev/bounties/4ab24ee2-3ff6-4248-9555-0af3e5f754ec
4
reference_url https://github.com/froxlor/froxlor/commit/7b08a71c59430d06c1efb012a6c6448262aacdb1
reference_id 7b08a71c59430d06c1efb012a6c6448262aacdb1
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:42:38Z/
url https://github.com/froxlor/froxlor/commit/7b08a71c59430d06c1efb012a6c6448262aacdb1
5
reference_url https://github.com/advisories/GHSA-3chw-8jq2-w769
reference_id GHSA-3chw-8jq2-w769
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3chw-8jq2-w769
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.10
purl pkg:composer/froxlor/froxlor@2.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-38ph-pcue-zydu
3
vulnerability VCID-44fu-9q5x-uuf8
4
vulnerability VCID-7e6h-qe19-jken
5
vulnerability VCID-9t9n-1hhp-3yga
6
vulnerability VCID-atns-wuzm-kqh2
7
vulnerability VCID-dptm-3z1r-bubj
8
vulnerability VCID-ebbm-gvf6-xfbd
9
vulnerability VCID-f15s-unrj-57ax
10
vulnerability VCID-gfgb-su1s-ubaj
11
vulnerability VCID-hhmm-9bdt-fyb5
12
vulnerability VCID-jvvz-9twe-8fb1
13
vulnerability VCID-nbu9-sey3-w7es
14
vulnerability VCID-nf6w-t7ew-ryde
15
vulnerability VCID-rw5a-bgxw-bfbd
16
vulnerability VCID-tk6b-p759-jyfv
17
vulnerability VCID-tvgb-xmfz-tuf6
18
vulnerability VCID-u4pt-mr2z-j3f2
19
vulnerability VCID-vbvy-j84s-zygu
20
vulnerability VCID-w7xv-k4rd-v7bq
21
vulnerability VCID-x93s-u6kq-fbbe
22
vulnerability VCID-xpgs-hpf3-3qff
23
vulnerability VCID-y4zg-wf1d-4bcm
24
vulnerability VCID-yqdf-v5wf-j3bj
25
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.10
aliases CVE-2023-0572, GHSA-3chw-8jq2-w769
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2mym-uwpj-v3he
3
url VCID-38ph-pcue-zydu
vulnerability_id VCID-38ph-pcue-zydu
summary Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4304
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.46923
published_at 2026-06-12T12:55:00Z
1
value 0.00236
scoring_system epss
scoring_elements 0.46919
published_at 2026-06-14T12:55:00Z
2
value 0.00236
scoring_system epss
scoring_elements 0.46938
published_at 2026-06-13T12:55:00Z
3
value 0.00236
scoring_system epss
scoring_elements 0.46782
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4304
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-4304
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-4304
3
reference_url https://huntr.dev/bounties/59fe5037-b253-4b0f-be69-1d2e4af8b4a9
reference_id 59fe5037-b253-4b0f-be69-1d2e4af8b4a9
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T13:04:29Z/
url https://huntr.dev/bounties/59fe5037-b253-4b0f-be69-1d2e4af8b4a9
4
reference_url https://github.com/froxlor/froxlor/commit/ce9a5f97a3edb30c7d33878765d3c014a6583597
reference_id ce9a5f97a3edb30c7d33878765d3c014a6583597
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
1
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T13:04:29Z/
url https://github.com/froxlor/froxlor/commit/ce9a5f97a3edb30c7d33878765d3c014a6583597
5
reference_url https://github.com/advisories/GHSA-9rmf-6qgj-g3wj
reference_id GHSA-9rmf-6qgj-g3wj
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9rmf-6qgj-g3wj
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.22
purl pkg:composer/froxlor/froxlor@2.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-dptm-3z1r-bubj
5
vulnerability VCID-ebbm-gvf6-xfbd
6
vulnerability VCID-jvvz-9twe-8fb1
7
vulnerability VCID-nbu9-sey3-w7es
8
vulnerability VCID-rw5a-bgxw-bfbd
9
vulnerability VCID-tk6b-p759-jyfv
10
vulnerability VCID-tvgb-xmfz-tuf6
11
vulnerability VCID-u4pt-mr2z-j3f2
12
vulnerability VCID-w7xv-k4rd-v7bq
13
vulnerability VCID-x93s-u6kq-fbbe
14
vulnerability VCID-yqdf-v5wf-j3bj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.22
aliases CVE-2023-4304, GHSA-9rmf-6qgj-g3wj
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38ph-pcue-zydu
4
url VCID-44fu-9q5x-uuf8
vulnerability_id VCID-44fu-9q5x-uuf8
summary Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-2666
reference_id
reference_type
scores
0
value 0.00215
scoring_system epss
scoring_elements 0.4409
published_at 2026-06-11T12:55:00Z
1
value 0.00215
scoring_system epss
scoring_elements 0.44251
published_at 2026-06-14T12:55:00Z
2
value 0.00215
scoring_system epss
scoring_elements 0.44244
published_at 2026-06-12T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.44263
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-2666
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-2666
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-2666
3
reference_url https://huntr.dev/bounties/0bbdc9d4-d9dc-4490-93ef-0a83b451a20f
reference_id 0bbdc9d4-d9dc-4490-93ef-0a83b451a20f
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-24T15:58:44Z/
url https://huntr.dev/bounties/0bbdc9d4-d9dc-4490-93ef-0a83b451a20f
4
reference_url https://github.com/froxlor/froxlor/commit/1679675aa1c29d24344dd2e091ff252accb111d6
reference_id 1679675aa1c29d24344dd2e091ff252accb111d6
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-24T15:58:44Z/
url https://github.com/froxlor/froxlor/commit/1679675aa1c29d24344dd2e091ff252accb111d6
5
reference_url https://github.com/advisories/GHSA-4gm9-c9jq-g523
reference_id GHSA-4gm9-c9jq-g523
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4gm9-c9jq-g523
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.16
purl pkg:composer/froxlor/froxlor@2.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-7e6h-qe19-jken
3
vulnerability VCID-9t9n-1hhp-3yga
4
vulnerability VCID-atns-wuzm-kqh2
5
vulnerability VCID-dptm-3z1r-bubj
6
vulnerability VCID-ebbm-gvf6-xfbd
7
vulnerability VCID-f15s-unrj-57ax
8
vulnerability VCID-gfgb-su1s-ubaj
9
vulnerability VCID-jvvz-9twe-8fb1
10
vulnerability VCID-nbu9-sey3-w7es
11
vulnerability VCID-rw5a-bgxw-bfbd
12
vulnerability VCID-tk6b-p759-jyfv
13
vulnerability VCID-tvgb-xmfz-tuf6
14
vulnerability VCID-u4pt-mr2z-j3f2
15
vulnerability VCID-vbvy-j84s-zygu
16
vulnerability VCID-w7xv-k4rd-v7bq
17
vulnerability VCID-x93s-u6kq-fbbe
18
vulnerability VCID-y4zg-wf1d-4bcm
19
vulnerability VCID-yqdf-v5wf-j3bj
20
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.16
aliases CVE-2023-2666, GHSA-4gm9-c9jq-g523
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44fu-9q5x-uuf8
5
url VCID-7e6h-qe19-jken
vulnerability_id VCID-7e6h-qe19-jken
summary Froxlor is open-source server administration software. A vulnerability in versions prior to 2.2.6 allows users (such as resellers or customers) to create accounts with the same email address as an existing account. This creates potential issues with account identification and security. This vulnerability can be exploited by authenticated users (e.g., reseller, customer) who can create accounts with the same email address that has already been used by another account, such as the admin. The attack vector is email-based, as the system does not prevent multiple accounts from registering the same email address, leading to possible conflicts and security issues. Version 2.2.6 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-29773
reference_id
reference_type
scores
0
value 0.00089
scoring_system epss
scoring_elements 0.25531
published_at 2026-06-13T12:55:00Z
1
value 0.00089
scoring_system epss
scoring_elements 0.25515
published_at 2026-06-14T12:55:00Z
2
value 0.00089
scoring_system epss
scoring_elements 0.25512
published_at 2026-06-12T12:55:00Z
3
value 0.00089
scoring_system epss
scoring_elements 0.25314
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-29773
1
reference_url https://github.com/froxlor/Froxlor
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-29773
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-29773
3
reference_url https://github.com/froxlor/Froxlor/commit/a43d53d54034805e3e404702a01312fa0c40b623
reference_id a43d53d54034805e3e404702a01312fa0c40b623
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-13T18:30:51Z/
url https://github.com/froxlor/Froxlor/commit/a43d53d54034805e3e404702a01312fa0c40b623
4
reference_url https://github.com/advisories/GHSA-7j6w-p859-464f
reference_id GHSA-7j6w-p859-464f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7j6w-p859-464f
5
reference_url https://github.com/froxlor/Froxlor/security/advisories/GHSA-7j6w-p859-464f
reference_id GHSA-7j6w-p859-464f
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-13T18:30:51Z/
url https://github.com/froxlor/Froxlor/security/advisories/GHSA-7j6w-p859-464f
6
reference_url https://mega.nz/file/h8oFHQrL#I4V02_BWee4CCx7OoBl_2Ufkd5Wc7fvs5aCatGApkoQ
reference_id h8oFHQrL#I4V02_BWee4CCx7OoBl_2Ufkd5Wc7fvs5aCatGApkoQ
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-13T18:30:51Z/
url https://mega.nz/file/h8oFHQrL#I4V02_BWee4CCx7OoBl_2Ufkd5Wc7fvs5aCatGApkoQ
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.2.6
purl pkg:composer/froxlor/froxlor@2.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-9t9n-1hhp-3yga
2
vulnerability VCID-atns-wuzm-kqh2
3
vulnerability VCID-ebbm-gvf6-xfbd
4
vulnerability VCID-nbu9-sey3-w7es
5
vulnerability VCID-rw5a-bgxw-bfbd
6
vulnerability VCID-tvgb-xmfz-tuf6
7
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.2.6
aliases CVE-2025-29773, GHSA-7j6w-p859-464f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7e6h-qe19-jken
6
url VCID-8c8t-7j1p-3baa
vulnerability_id VCID-8c8t-7j1p-3baa
summary Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4867
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.35968
published_at 2026-06-11T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.36159
published_at 2026-06-14T12:55:00Z
2
value 0.00155
scoring_system epss
scoring_elements 0.36148
published_at 2026-06-12T12:55:00Z
3
value 0.00155
scoring_system epss
scoring_elements 0.3617
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4867
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4867
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-4867
3
reference_url https://huntr.dev/bounties/c91364dd-9ead-4bf3-96e6-663a017e08fa
reference_id c91364dd-9ead-4bf3-96e6-663a017e08fa
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:43:03Z/
url https://huntr.dev/bounties/c91364dd-9ead-4bf3-96e6-663a017e08fa
4
reference_url https://github.com/froxlor/froxlor/commit/f7f356e896173558248c43f4f68612f78e73a65d
reference_id f7f356e896173558248c43f4f68612f78e73a65d
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:43:03Z/
url https://github.com/froxlor/froxlor/commit/f7f356e896173558248c43f4f68612f78e73a65d
5
reference_url https://github.com/advisories/GHSA-6gwx-gw56-qhf7
reference_id GHSA-6gwx-gw56-qhf7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6gwx-gw56-qhf7
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.0-beta1
purl pkg:composer/froxlor/froxlor@2.0.0-beta1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0-beta1
1
url pkg:composer/froxlor/froxlor@2.0.0
purl pkg:composer/froxlor/froxlor@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-9t9n-1hhp-3yga
7
vulnerability VCID-atns-wuzm-kqh2
8
vulnerability VCID-d48t-6m2w-s7h2
9
vulnerability VCID-dptm-3z1r-bubj
10
vulnerability VCID-ebbm-gvf6-xfbd
11
vulnerability VCID-f15s-unrj-57ax
12
vulnerability VCID-gfgb-su1s-ubaj
13
vulnerability VCID-hhmm-9bdt-fyb5
14
vulnerability VCID-hr4y-q8gp-5ua5
15
vulnerability VCID-hs15-esbz-bfhb
16
vulnerability VCID-jvvz-9twe-8fb1
17
vulnerability VCID-nbu9-sey3-w7es
18
vulnerability VCID-nf6w-t7ew-ryde
19
vulnerability VCID-p242-zj5r-7faw
20
vulnerability VCID-rw5a-bgxw-bfbd
21
vulnerability VCID-tk6b-p759-jyfv
22
vulnerability VCID-tvgb-xmfz-tuf6
23
vulnerability VCID-u4pt-mr2z-j3f2
24
vulnerability VCID-unh1-2xmh-qbcs
25
vulnerability VCID-vbvy-j84s-zygu
26
vulnerability VCID-w7xv-k4rd-v7bq
27
vulnerability VCID-x93s-u6kq-fbbe
28
vulnerability VCID-xpgs-hpf3-3qff
29
vulnerability VCID-y4zg-wf1d-4bcm
30
vulnerability VCID-yqdf-v5wf-j3bj
31
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0
aliases CVE-2022-4867, GHSA-6gwx-gw56-qhf7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c8t-7j1p-3baa
7
url VCID-8t9k-hvwr-xubb
vulnerability_id VCID-8t9k-hvwr-xubb
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10237
reference_id
reference_type
scores
0
value 0.00077
scoring_system epss
scoring_elements 0.23156
published_at 2026-06-11T12:55:00Z
1
value 0.00077
scoring_system epss
scoring_elements 0.23351
published_at 2026-06-12T12:55:00Z
2
value 0.00077
scoring_system epss
scoring_elements 0.23364
published_at 2026-06-13T12:55:00Z
3
value 0.00077
scoring_system epss
scoring_elements 0.23343
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10237
1
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1165719
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1165719
2
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10237
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10237
4
reference_url https://github.com/advisories/GHSA-j9wr-mj69-cqmv
reference_id GHSA-j9wr-mj69-cqmv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j9wr-mj69-cqmv
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.16
purl pkg:composer/froxlor/froxlor@0.10.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-8c8t-7j1p-3baa
7
vulnerability VCID-9t9n-1hhp-3yga
8
vulnerability VCID-atns-wuzm-kqh2
9
vulnerability VCID-d48t-6m2w-s7h2
10
vulnerability VCID-dptm-3z1r-bubj
11
vulnerability VCID-e8hu-xceh-cygy
12
vulnerability VCID-ebbm-gvf6-xfbd
13
vulnerability VCID-f15s-unrj-57ax
14
vulnerability VCID-gfgb-su1s-ubaj
15
vulnerability VCID-gxb4-1jgt-z3a8
16
vulnerability VCID-gyny-xdxc-vyg7
17
vulnerability VCID-hhky-38kt-9fcd
18
vulnerability VCID-hhmm-9bdt-fyb5
19
vulnerability VCID-hr4y-q8gp-5ua5
20
vulnerability VCID-hs15-esbz-bfhb
21
vulnerability VCID-hwdk-umd9-pbhp
22
vulnerability VCID-jvvz-9twe-8fb1
23
vulnerability VCID-mgwv-2pj5-pqav
24
vulnerability VCID-nbu9-sey3-w7es
25
vulnerability VCID-nf6w-t7ew-ryde
26
vulnerability VCID-p242-zj5r-7faw
27
vulnerability VCID-p627-qr92-mkdp
28
vulnerability VCID-qyzq-4avu-zugu
29
vulnerability VCID-rw5a-bgxw-bfbd
30
vulnerability VCID-tk6b-p759-jyfv
31
vulnerability VCID-tvgb-xmfz-tuf6
32
vulnerability VCID-u4pt-mr2z-j3f2
33
vulnerability VCID-unh1-2xmh-qbcs
34
vulnerability VCID-vbvy-j84s-zygu
35
vulnerability VCID-w7xv-k4rd-v7bq
36
vulnerability VCID-x93s-u6kq-fbbe
37
vulnerability VCID-xpgs-hpf3-3qff
38
vulnerability VCID-y4zg-wf1d-4bcm
39
vulnerability VCID-yqdf-v5wf-j3bj
40
vulnerability VCID-zrvp-d87z-p7dy
41
vulnerability VCID-ztuh-9qmx-pkf1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.16
aliases CVE-2020-10237, GHSA-j9wr-mj69-cqmv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8t9k-hvwr-xubb
8
url VCID-9t9n-1hhp-3yga
vulnerability_id VCID-9t9n-1hhp-3yga
summary Froxlor is open source server administration software. Prior to version 2.3.6, the Froxlor API endpoint `Customers.update` (and `Admins.update`) does not validate the `def_language` parameter against the list of available language files. An authenticated customer can set `def_language` to a path traversal payload (e.g., `../../../../../var/customers/webs/customer1/evil`), which is stored in the database. On subsequent requests, `Language::loadLanguage()` constructs a file path using this value and executes it via `require`, achieving arbitrary PHP code execution as the web server user. Version 2.3.6 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41228
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24712
published_at 2026-06-11T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24906
published_at 2026-06-14T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24911
published_at 2026-06-12T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24922
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41228
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41228
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41228
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.6
reference_id 2.3.6
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T14:46:42Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.6
4
reference_url https://github.com/froxlor/froxlor/commit/bc5e6dbaa90e6f3573129da640595e8c770e1d0c
reference_id bc5e6dbaa90e6f3573129da640595e8c770e1d0c
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T14:46:42Z/
url https://github.com/froxlor/froxlor/commit/bc5e6dbaa90e6f3573129da640595e8c770e1d0c
5
reference_url https://github.com/advisories/GHSA-w59f-67xm-rxx7
reference_id GHSA-w59f-67xm-rxx7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w59f-67xm-rxx7
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-w59f-67xm-rxx7
reference_id GHSA-w59f-67xm-rxx7
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T14:46:42Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-w59f-67xm-rxx7
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.6
purl pkg:composer/froxlor/froxlor@2.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46tt-1n8z-xuct
1
vulnerability VCID-kjsn-vrac-67f9
2
vulnerability VCID-uyv2-5ka7-pufp
3
vulnerability VCID-vvvf-273x-s3g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.6
aliases CVE-2026-41228, GHSA-w59f-67xm-rxx7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9t9n-1hhp-3yga
9
url VCID-atns-wuzm-kqh2
vulnerability_id VCID-atns-wuzm-kqh2
summary Froxlor is open source server administration software. Prior to version 2.3.6, `DomainZones::add()` accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the `content` field. When a DNS type not covered by the if/elseif validation chain is submitted (e.g., `NAPTR`, `PTR`, `HINFO`), content validation is entirely bypassed. Embedded newline characters in the content survive `trim()` processing, are stored in the database, and are written directly into BIND zone files via `DnsEntry::__toString()`. An authenticated customer can inject arbitrary DNS records and BIND directives (`$INCLUDE`, `$ORIGIN`, `$GENERATE`) into their domain's zone file. Version 2.3.6 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41230
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.18253
published_at 2026-06-11T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.18414
published_at 2026-06-14T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.18416
published_at 2026-06-12T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.18437
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41230
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41230
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41230
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.6
reference_id 2.3.6
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T13:58:05Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.6
4
reference_url https://github.com/froxlor/froxlor/commit/47a8af5d9523cb6ec94567405cfc2e294d3a1442
reference_id 47a8af5d9523cb6ec94567405cfc2e294d3a1442
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T13:58:05Z/
url https://github.com/froxlor/froxlor/commit/47a8af5d9523cb6ec94567405cfc2e294d3a1442
5
reference_url https://github.com/advisories/GHSA-47hf-23pw-3m8c
reference_id GHSA-47hf-23pw-3m8c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-47hf-23pw-3m8c
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-47hf-23pw-3m8c
reference_id GHSA-47hf-23pw-3m8c
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T13:58:05Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-47hf-23pw-3m8c
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.6
purl pkg:composer/froxlor/froxlor@2.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46tt-1n8z-xuct
1
vulnerability VCID-kjsn-vrac-67f9
2
vulnerability VCID-uyv2-5ka7-pufp
3
vulnerability VCID-vvvf-273x-s3g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.6
aliases CVE-2026-41230, GHSA-47hf-23pw-3m8c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-atns-wuzm-kqh2
10
url VCID-ckyn-q7qk-yqad
vulnerability_id VCID-ckyn-q7qk-yqad
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10236
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33801
published_at 2026-06-11T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.33979
published_at 2026-06-12T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.34002
published_at 2026-06-13T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.33981
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10236
1
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1165718
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1165718
2
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
3
reference_url https://github.com/Froxlor/Froxlor/commit/6b09720ef8a1cc008751dd0ca0140a0597fedce5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/commit/6b09720ef8a1cc008751dd0ca0140a0597fedce5
4
reference_url https://github.com/Froxlor/Froxlor/compare/0.10.13...0.10.14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/compare/0.10.13...0.10.14
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10236
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10236
6
reference_url https://github.com/advisories/GHSA-hvgf-2rf7-wrx9
reference_id GHSA-hvgf-2rf7-wrx9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvgf-2rf7-wrx9
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.14
purl pkg:composer/froxlor/froxlor@0.10.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-8c8t-7j1p-3baa
7
vulnerability VCID-8t9k-hvwr-xubb
8
vulnerability VCID-9t9n-1hhp-3yga
9
vulnerability VCID-atns-wuzm-kqh2
10
vulnerability VCID-d48t-6m2w-s7h2
11
vulnerability VCID-dptm-3z1r-bubj
12
vulnerability VCID-e8hu-xceh-cygy
13
vulnerability VCID-ebbm-gvf6-xfbd
14
vulnerability VCID-f15s-unrj-57ax
15
vulnerability VCID-gfgb-su1s-ubaj
16
vulnerability VCID-gxb4-1jgt-z3a8
17
vulnerability VCID-gyny-xdxc-vyg7
18
vulnerability VCID-hhky-38kt-9fcd
19
vulnerability VCID-hhmm-9bdt-fyb5
20
vulnerability VCID-hr4y-q8gp-5ua5
21
vulnerability VCID-hs15-esbz-bfhb
22
vulnerability VCID-hwdk-umd9-pbhp
23
vulnerability VCID-jvvz-9twe-8fb1
24
vulnerability VCID-mgwv-2pj5-pqav
25
vulnerability VCID-nbu9-sey3-w7es
26
vulnerability VCID-nf6w-t7ew-ryde
27
vulnerability VCID-p242-zj5r-7faw
28
vulnerability VCID-p627-qr92-mkdp
29
vulnerability VCID-qyzq-4avu-zugu
30
vulnerability VCID-rw5a-bgxw-bfbd
31
vulnerability VCID-tk6b-p759-jyfv
32
vulnerability VCID-tvgb-xmfz-tuf6
33
vulnerability VCID-u4pt-mr2z-j3f2
34
vulnerability VCID-unh1-2xmh-qbcs
35
vulnerability VCID-vbvy-j84s-zygu
36
vulnerability VCID-w7xv-k4rd-v7bq
37
vulnerability VCID-x93s-u6kq-fbbe
38
vulnerability VCID-xpgs-hpf3-3qff
39
vulnerability VCID-y4zg-wf1d-4bcm
40
vulnerability VCID-yqdf-v5wf-j3bj
41
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.14
aliases CVE-2020-10236, GHSA-hvgf-2rf7-wrx9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ckyn-q7qk-yqad
11
url VCID-d48t-6m2w-s7h2
vulnerability_id VCID-d48t-6m2w-s7h2
summary Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0565
reference_id
reference_type
scores
0
value 0.00207
scoring_system epss
scoring_elements 0.43294
published_at 2026-06-12T12:55:00Z
1
value 0.00207
scoring_system epss
scoring_elements 0.43305
published_at 2026-06-14T12:55:00Z
2
value 0.00207
scoring_system epss
scoring_elements 0.43314
published_at 2026-06-13T12:55:00Z
3
value 0.00207
scoring_system epss
scoring_elements 0.43137
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0565
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0565
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0565
3
reference_url https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102
reference_id 12d78294-1723-4450-a239-023952666102
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:45:44Z/
url https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102
4
reference_url https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15
reference_id 2feb8020941a82bfb4ac68890f6ced0e5b3c4a15
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:45:44Z/
url https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15
5
reference_url https://github.com/advisories/GHSA-vqqm-c9gx-773q
reference_id GHSA-vqqm-c9gx-773q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqqm-c9gx-773q
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.10
purl pkg:composer/froxlor/froxlor@2.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-38ph-pcue-zydu
3
vulnerability VCID-44fu-9q5x-uuf8
4
vulnerability VCID-7e6h-qe19-jken
5
vulnerability VCID-9t9n-1hhp-3yga
6
vulnerability VCID-atns-wuzm-kqh2
7
vulnerability VCID-dptm-3z1r-bubj
8
vulnerability VCID-ebbm-gvf6-xfbd
9
vulnerability VCID-f15s-unrj-57ax
10
vulnerability VCID-gfgb-su1s-ubaj
11
vulnerability VCID-hhmm-9bdt-fyb5
12
vulnerability VCID-jvvz-9twe-8fb1
13
vulnerability VCID-nbu9-sey3-w7es
14
vulnerability VCID-nf6w-t7ew-ryde
15
vulnerability VCID-rw5a-bgxw-bfbd
16
vulnerability VCID-tk6b-p759-jyfv
17
vulnerability VCID-tvgb-xmfz-tuf6
18
vulnerability VCID-u4pt-mr2z-j3f2
19
vulnerability VCID-vbvy-j84s-zygu
20
vulnerability VCID-w7xv-k4rd-v7bq
21
vulnerability VCID-x93s-u6kq-fbbe
22
vulnerability VCID-xpgs-hpf3-3qff
23
vulnerability VCID-y4zg-wf1d-4bcm
24
vulnerability VCID-yqdf-v5wf-j3bj
25
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.10
aliases CVE-2023-0565, GHSA-vqqm-c9gx-773q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d48t-6m2w-s7h2
12
url VCID-dptm-3z1r-bubj
vulnerability_id VCID-dptm-3z1r-bubj
summary Froxlor is open source server administration software. Prior to 2.1.9, a Stored Blind Cross-Site Scripting (XSS) vulnerability was identified in the Failed Login Attempts Logging Feature of the Froxlor Application. An unauthenticated User can inject malicious scripts in the loginname parameter on the Login attempt, which will then be executed when viewed by the Administrator in the System Logs. By exploiting this vulnerability, the attacker can perform various malicious actions such as forcing the Administrator to execute actions without their knowledge or consent. For instance, the attacker can force the Administrator to add a new administrator controlled by the attacker, thereby giving the attacker full control over the application. This vulnerability is fixed in 2.1.9.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34070
reference_id
reference_type
scores
0
value 0.00976
scoring_system epss
scoring_elements 0.77122
published_at 2026-06-11T12:55:00Z
1
value 0.00976
scoring_system epss
scoring_elements 0.77197
published_at 2026-06-14T12:55:00Z
2
value 0.00976
scoring_system epss
scoring_elements 0.77193
published_at 2026-06-12T12:55:00Z
3
value 0.00976
scoring_system epss
scoring_elements 0.77205
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34070
1
reference_url https://github.com/froxlor/Froxlor
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor
2
reference_url https://github.com/froxlor/Froxlor/commit/a862307bce5cdfb1c208b835f3e8faddd23046e6
reference_id a862307bce5cdfb1c208b835f3e8faddd23046e6
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 9.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-10T20:22:17Z/
url https://github.com/froxlor/Froxlor/commit/a862307bce5cdfb1c208b835f3e8faddd23046e6
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34070
reference_id CVE-2024-34070
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34070
4
reference_url https://github.com/advisories/GHSA-x525-54hf-xr53
reference_id GHSA-x525-54hf-xr53
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x525-54hf-xr53
5
reference_url https://github.com/froxlor/Froxlor/security/advisories/GHSA-x525-54hf-xr53
reference_id GHSA-x525-54hf-xr53
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value 9.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-10T20:22:17Z/
url https://github.com/froxlor/Froxlor/security/advisories/GHSA-x525-54hf-xr53
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.1.9
purl pkg:composer/froxlor/froxlor@2.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-ebbm-gvf6-xfbd
5
vulnerability VCID-jvvz-9twe-8fb1
6
vulnerability VCID-nbu9-sey3-w7es
7
vulnerability VCID-rw5a-bgxw-bfbd
8
vulnerability VCID-tvgb-xmfz-tuf6
9
vulnerability VCID-u4pt-mr2z-j3f2
10
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.1.9
aliases CVE-2024-34070, GHSA-x525-54hf-xr53
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dptm-3z1r-bubj
13
url VCID-e8hu-xceh-cygy
vulnerability_id VCID-e8hu-xceh-cygy
summary Froxlor SQL injection vulnerability
references
0
reference_url http://packetstormsecurity.com/files/164800/Froxlor-0.10.29.1-SQL-Injection.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/164800/Froxlor-0.10.29.1-SQL-Injection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-42325
reference_id
reference_type
scores
0
value 0.05516
scoring_system epss
scoring_elements 0.90449
published_at 2026-06-11T12:55:00Z
1
value 0.05516
scoring_system epss
scoring_elements 0.90487
published_at 2026-06-14T12:55:00Z
2
value 0.05516
scoring_system epss
scoring_elements 0.90479
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-42325
2
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
3
reference_url https://github.com/Froxlor/Froxlor/commit/eb592340b022298f62a0a3e8450dbfbe29585782
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/commit/eb592340b022298f62a0a3e8450dbfbe29585782
4
reference_url https://www.exploit-db.com/exploits/50502
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/50502
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50502.txt
reference_id CVE-2021-42325
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50502.txt
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-42325
reference_id CVE-2021-42325
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-42325
7
reference_url https://github.com/advisories/GHSA-6fvw-x6gw-4wv8
reference_id GHSA-6fvw-x6gw-4wv8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6fvw-x6gw-4wv8
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.30
purl pkg:composer/froxlor/froxlor@0.10.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-8c8t-7j1p-3baa
7
vulnerability VCID-9t9n-1hhp-3yga
8
vulnerability VCID-atns-wuzm-kqh2
9
vulnerability VCID-d48t-6m2w-s7h2
10
vulnerability VCID-dptm-3z1r-bubj
11
vulnerability VCID-ebbm-gvf6-xfbd
12
vulnerability VCID-f15s-unrj-57ax
13
vulnerability VCID-gfgb-su1s-ubaj
14
vulnerability VCID-gxb4-1jgt-z3a8
15
vulnerability VCID-gyny-xdxc-vyg7
16
vulnerability VCID-hhky-38kt-9fcd
17
vulnerability VCID-hhmm-9bdt-fyb5
18
vulnerability VCID-hr4y-q8gp-5ua5
19
vulnerability VCID-hs15-esbz-bfhb
20
vulnerability VCID-jvvz-9twe-8fb1
21
vulnerability VCID-mgwv-2pj5-pqav
22
vulnerability VCID-nbu9-sey3-w7es
23
vulnerability VCID-nf6w-t7ew-ryde
24
vulnerability VCID-p242-zj5r-7faw
25
vulnerability VCID-p627-qr92-mkdp
26
vulnerability VCID-qyzq-4avu-zugu
27
vulnerability VCID-rw5a-bgxw-bfbd
28
vulnerability VCID-tk6b-p759-jyfv
29
vulnerability VCID-tvgb-xmfz-tuf6
30
vulnerability VCID-u4pt-mr2z-j3f2
31
vulnerability VCID-unh1-2xmh-qbcs
32
vulnerability VCID-vbvy-j84s-zygu
33
vulnerability VCID-w7xv-k4rd-v7bq
34
vulnerability VCID-x93s-u6kq-fbbe
35
vulnerability VCID-xpgs-hpf3-3qff
36
vulnerability VCID-y4zg-wf1d-4bcm
37
vulnerability VCID-yqdf-v5wf-j3bj
38
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.30
aliases CVE-2021-42325, GHSA-6fvw-x6gw-4wv8
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8hu-xceh-cygy
14
url VCID-ebbm-gvf6-xfbd
vulnerability_id VCID-ebbm-gvf6-xfbd
summary Froxlor is open source server administration software. Prior to version 2.3.6, `PhpHelper::parseArrayToString()` writes string values into single-quoted PHP string literals without escaping single quotes. When an admin with `change_serversettings` permission adds or updates a MySQL server via the API, the `privileged_user` parameter (which has no input validation) is written unescaped into `lib/userdata.inc.php`. Since this file is `require`d on every request via `Database::getDB()`, an attacker can inject arbitrary PHP code that executes as the web server user on every subsequent page load. Version 2.3.6 contains a patch.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41229
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.2754
published_at 2026-06-11T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.27758
published_at 2026-06-14T12:55:00Z
2
value 0.00102
scoring_system epss
scoring_elements 0.27743
published_at 2026-06-12T12:55:00Z
3
value 0.00102
scoring_system epss
scoring_elements 0.27768
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41229
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41229
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41229
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.6
reference_id 2.3.6
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T12:31:11Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.6
4
reference_url https://github.com/froxlor/froxlor/commit/3589ddf93ab59eb2a8971f0f56cbf6266d03c4ae
reference_id 3589ddf93ab59eb2a8971f0f56cbf6266d03c4ae
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T12:31:11Z/
url https://github.com/froxlor/froxlor/commit/3589ddf93ab59eb2a8971f0f56cbf6266d03c4ae
5
reference_url https://github.com/advisories/GHSA-gc9w-cc93-rjv8
reference_id GHSA-gc9w-cc93-rjv8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gc9w-cc93-rjv8
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-gc9w-cc93-rjv8
reference_id GHSA-gc9w-cc93-rjv8
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T12:31:11Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-gc9w-cc93-rjv8
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.6
purl pkg:composer/froxlor/froxlor@2.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46tt-1n8z-xuct
1
vulnerability VCID-kjsn-vrac-67f9
2
vulnerability VCID-uyv2-5ka7-pufp
3
vulnerability VCID-vvvf-273x-s3g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.6
aliases CVE-2026-41229, GHSA-gc9w-cc93-rjv8
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebbm-gvf6-xfbd
15
url VCID-f15s-unrj-57ax
vulnerability_id VCID-f15s-unrj-57ax
summary Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3192
reference_id
reference_type
scores
0
value 0.00158
scoring_system epss
scoring_elements 0.36562
published_at 2026-06-14T12:55:00Z
1
value 0.00158
scoring_system epss
scoring_elements 0.36573
published_at 2026-06-13T12:55:00Z
2
value 0.0016
scoring_system epss
scoring_elements 0.36727
published_at 2026-06-11T12:55:00Z
3
value 0.0017
scoring_system epss
scoring_elements 0.38195
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3192
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3192
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3192
3
reference_url https://github.com/froxlor/froxlor/commit/94d9c3eedf31bc8447e3aa349e32880dde02ee52
reference_id 94d9c3eedf31bc8447e3aa349e32880dde02ee52
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:04:10Z/
url https://github.com/froxlor/froxlor/commit/94d9c3eedf31bc8447e3aa349e32880dde02ee52
4
reference_url https://huntr.dev/bounties/f3644772-9c86-4f55-a0fa-aeb11f411551
reference_id f3644772-9c86-4f55-a0fa-aeb11f411551
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:04:10Z/
url https://huntr.dev/bounties/f3644772-9c86-4f55-a0fa-aeb11f411551
5
reference_url https://github.com/advisories/GHSA-jr66-9ghf-6gp3
reference_id GHSA-jr66-9ghf-6gp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jr66-9ghf-6gp3
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.1.0
purl pkg:composer/froxlor/froxlor@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-dptm-3z1r-bubj
5
vulnerability VCID-ebbm-gvf6-xfbd
6
vulnerability VCID-jvvz-9twe-8fb1
7
vulnerability VCID-nbu9-sey3-w7es
8
vulnerability VCID-rw5a-bgxw-bfbd
9
vulnerability VCID-tvgb-xmfz-tuf6
10
vulnerability VCID-u4pt-mr2z-j3f2
11
vulnerability VCID-w7xv-k4rd-v7bq
12
vulnerability VCID-x93s-u6kq-fbbe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.1.0
aliases CVE-2023-3192, GHSA-jr66-9ghf-6gp3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f15s-unrj-57ax
16
url VCID-fcst-mqr9-y3gn
vulnerability_id VCID-fcst-mqr9-y3gn
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10235
reference_id
reference_type
scores
0
value 0.00665
scoring_system epss
scoring_elements 0.71782
published_at 2026-06-14T12:55:00Z
1
value 0.007
scoring_system epss
scoring_elements 0.72474
published_at 2026-06-11T12:55:00Z
2
value 0.007
scoring_system epss
scoring_elements 0.72552
published_at 2026-06-12T12:55:00Z
3
value 0.007
scoring_system epss
scoring_elements 0.72566
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10235
1
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1165721
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1165721
2
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
3
reference_url https://github.com/Froxlor/Froxlor/commit/62ce21c9ec393f9962515c88f0c489ace42bf656
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/commit/62ce21c9ec393f9962515c88f0c489ace42bf656
4
reference_url https://github.com/Froxlor/Froxlor/commit/7e361274c5bf687b6a42dd1871f6d75506c5d207
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/commit/7e361274c5bf687b6a42dd1871f6d75506c5d207
5
reference_url https://github.com/Froxlor/Froxlor/compare/0.10.13...0.10.14
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/compare/0.10.13...0.10.14
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10235
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10235
7
reference_url https://github.com/advisories/GHSA-p29c-jpgj-v57r
reference_id GHSA-p29c-jpgj-v57r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p29c-jpgj-v57r
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.14
purl pkg:composer/froxlor/froxlor@0.10.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-8c8t-7j1p-3baa
7
vulnerability VCID-8t9k-hvwr-xubb
8
vulnerability VCID-9t9n-1hhp-3yga
9
vulnerability VCID-atns-wuzm-kqh2
10
vulnerability VCID-d48t-6m2w-s7h2
11
vulnerability VCID-dptm-3z1r-bubj
12
vulnerability VCID-e8hu-xceh-cygy
13
vulnerability VCID-ebbm-gvf6-xfbd
14
vulnerability VCID-f15s-unrj-57ax
15
vulnerability VCID-gfgb-su1s-ubaj
16
vulnerability VCID-gxb4-1jgt-z3a8
17
vulnerability VCID-gyny-xdxc-vyg7
18
vulnerability VCID-hhky-38kt-9fcd
19
vulnerability VCID-hhmm-9bdt-fyb5
20
vulnerability VCID-hr4y-q8gp-5ua5
21
vulnerability VCID-hs15-esbz-bfhb
22
vulnerability VCID-hwdk-umd9-pbhp
23
vulnerability VCID-jvvz-9twe-8fb1
24
vulnerability VCID-mgwv-2pj5-pqav
25
vulnerability VCID-nbu9-sey3-w7es
26
vulnerability VCID-nf6w-t7ew-ryde
27
vulnerability VCID-p242-zj5r-7faw
28
vulnerability VCID-p627-qr92-mkdp
29
vulnerability VCID-qyzq-4avu-zugu
30
vulnerability VCID-rw5a-bgxw-bfbd
31
vulnerability VCID-tk6b-p759-jyfv
32
vulnerability VCID-tvgb-xmfz-tuf6
33
vulnerability VCID-u4pt-mr2z-j3f2
34
vulnerability VCID-unh1-2xmh-qbcs
35
vulnerability VCID-vbvy-j84s-zygu
36
vulnerability VCID-w7xv-k4rd-v7bq
37
vulnerability VCID-x93s-u6kq-fbbe
38
vulnerability VCID-xpgs-hpf3-3qff
39
vulnerability VCID-y4zg-wf1d-4bcm
40
vulnerability VCID-yqdf-v5wf-j3bj
41
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.14
aliases CVE-2020-10235, GHSA-p29c-jpgj-v57r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcst-mqr9-y3gn
17
url VCID-gfgb-su1s-ubaj
vulnerability_id VCID-gfgb-su1s-ubaj
summary Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3173
reference_id
reference_type
scores
0
value 0.00137
scoring_system epss
scoring_elements 0.335
published_at 2026-06-11T12:55:00Z
1
value 0.00137
scoring_system epss
scoring_elements 0.33676
published_at 2026-06-14T12:55:00Z
2
value 0.00137
scoring_system epss
scoring_elements 0.3368
published_at 2026-06-12T12:55:00Z
3
value 0.00137
scoring_system epss
scoring_elements 0.33702
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3173
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3173
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3173
3
reference_url https://github.com/froxlor/froxlor/commit/464216072456efb35b4541c58e7016463dfbd9a6
reference_id 464216072456efb35b4541c58e7016463dfbd9a6
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-01-06T17:11:52Z/
url https://github.com/froxlor/froxlor/commit/464216072456efb35b4541c58e7016463dfbd9a6
4
reference_url https://huntr.dev/bounties/4d715f76-950d-4251-8139-3dffea798f14
reference_id 4d715f76-950d-4251-8139-3dffea798f14
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-01-06T17:11:52Z/
url https://huntr.dev/bounties/4d715f76-950d-4251-8139-3dffea798f14
5
reference_url https://github.com/advisories/GHSA-chw4-88xc-79w6
reference_id GHSA-chw4-88xc-79w6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-chw4-88xc-79w6
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.20
purl pkg:composer/froxlor/froxlor@2.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-7e6h-qe19-jken
3
vulnerability VCID-9t9n-1hhp-3yga
4
vulnerability VCID-atns-wuzm-kqh2
5
vulnerability VCID-dptm-3z1r-bubj
6
vulnerability VCID-ebbm-gvf6-xfbd
7
vulnerability VCID-f15s-unrj-57ax
8
vulnerability VCID-jvvz-9twe-8fb1
9
vulnerability VCID-nbu9-sey3-w7es
10
vulnerability VCID-rw5a-bgxw-bfbd
11
vulnerability VCID-tk6b-p759-jyfv
12
vulnerability VCID-tvgb-xmfz-tuf6
13
vulnerability VCID-u4pt-mr2z-j3f2
14
vulnerability VCID-w7xv-k4rd-v7bq
15
vulnerability VCID-x93s-u6kq-fbbe
16
vulnerability VCID-y4zg-wf1d-4bcm
17
vulnerability VCID-yqdf-v5wf-j3bj
18
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.20
aliases CVE-2023-3173, GHSA-chw4-88xc-79w6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfgb-su1s-ubaj
18
url VCID-gxb4-1jgt-z3a8
vulnerability_id VCID-gxb4-1jgt-z3a8
summary Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3721
reference_id
reference_type
scores
0
value 0.00419
scoring_system epss
scoring_elements 0.62328
published_at 2026-06-11T12:55:00Z
1
value 0.00419
scoring_system epss
scoring_elements 0.62437
published_at 2026-06-14T12:55:00Z
2
value 0.00419
scoring_system epss
scoring_elements 0.62429
published_at 2026-06-12T12:55:00Z
3
value 0.00419
scoring_system epss
scoring_elements 0.62441
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3721
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://huntr.com/bounties/a3c506f0-5f8a-4eaa-b8cc-46fb9e35cf7a
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://huntr.com/bounties/a3c506f0-5f8a-4eaa-b8cc-46fb9e35cf7a
3
reference_url https://github.com/froxlor/froxlor/commit/1182453c18a83309a3470b2775c148ede740806c
reference_id 1182453c18a83309a3470b2775c148ede740806c
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
1
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:44:31Z/
url https://github.com/froxlor/froxlor/commit/1182453c18a83309a3470b2775c148ede740806c
4
reference_url https://huntr.dev/bounties/a3c506f0-5f8a-4eaa-b8cc-46fb9e35cf7a
reference_id a3c506f0-5f8a-4eaa-b8cc-46fb9e35cf7a
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
1
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:44:31Z/
url https://huntr.dev/bounties/a3c506f0-5f8a-4eaa-b8cc-46fb9e35cf7a
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3721
reference_id CVE-2022-3721
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3721
6
reference_url https://github.com/advisories/GHSA-h95w-p3x6-wwj6
reference_id GHSA-h95w-p3x6-wwj6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h95w-p3x6-wwj6
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.39
purl pkg:composer/froxlor/froxlor@0.10.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.39
aliases CVE-2022-3721, GHSA-h95w-p3x6-wwj6
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxb4-1jgt-z3a8
19
url VCID-gyny-xdxc-vyg7
vulnerability_id VCID-gyny-xdxc-vyg7
summary Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4868
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38208
published_at 2026-06-11T12:55:00Z
1
value 0.00171
scoring_system epss
scoring_elements 0.38393
published_at 2026-06-14T12:55:00Z
2
value 0.00171
scoring_system epss
scoring_elements 0.38382
published_at 2026-06-12T12:55:00Z
3
value 0.00171
scoring_system epss
scoring_elements 0.38404
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4868
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4868
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-4868
3
reference_url https://github.com/froxlor/froxlor/commit/0527f22dc942483430f8449e25a096bb8d683a5d
reference_id 0527f22dc942483430f8449e25a096bb8d683a5d
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:35:21Z/
url https://github.com/froxlor/froxlor/commit/0527f22dc942483430f8449e25a096bb8d683a5d
4
reference_url https://huntr.dev/bounties/3a8f36ac-5eda-41e7-a9c4-e0f3d63e6e3b
reference_id 3a8f36ac-5eda-41e7-a9c4-e0f3d63e6e3b
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:35:21Z/
url https://huntr.dev/bounties/3a8f36ac-5eda-41e7-a9c4-e0f3d63e6e3b
5
reference_url https://github.com/advisories/GHSA-w6qf-j4qr-f946
reference_id GHSA-w6qf-j4qr-f946
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w6qf-j4qr-f946
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.0-beta1
purl pkg:composer/froxlor/froxlor@2.0.0-beta1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0-beta1
1
url pkg:composer/froxlor/froxlor@2.0.0
purl pkg:composer/froxlor/froxlor@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-9t9n-1hhp-3yga
7
vulnerability VCID-atns-wuzm-kqh2
8
vulnerability VCID-d48t-6m2w-s7h2
9
vulnerability VCID-dptm-3z1r-bubj
10
vulnerability VCID-ebbm-gvf6-xfbd
11
vulnerability VCID-f15s-unrj-57ax
12
vulnerability VCID-gfgb-su1s-ubaj
13
vulnerability VCID-hhmm-9bdt-fyb5
14
vulnerability VCID-hr4y-q8gp-5ua5
15
vulnerability VCID-hs15-esbz-bfhb
16
vulnerability VCID-jvvz-9twe-8fb1
17
vulnerability VCID-nbu9-sey3-w7es
18
vulnerability VCID-nf6w-t7ew-ryde
19
vulnerability VCID-p242-zj5r-7faw
20
vulnerability VCID-rw5a-bgxw-bfbd
21
vulnerability VCID-tk6b-p759-jyfv
22
vulnerability VCID-tvgb-xmfz-tuf6
23
vulnerability VCID-u4pt-mr2z-j3f2
24
vulnerability VCID-unh1-2xmh-qbcs
25
vulnerability VCID-vbvy-j84s-zygu
26
vulnerability VCID-w7xv-k4rd-v7bq
27
vulnerability VCID-x93s-u6kq-fbbe
28
vulnerability VCID-xpgs-hpf3-3qff
29
vulnerability VCID-y4zg-wf1d-4bcm
30
vulnerability VCID-yqdf-v5wf-j3bj
31
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0
aliases CVE-2022-4868, GHSA-w6qf-j4qr-f946
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyny-xdxc-vyg7
20
url VCID-hhky-38kt-9fcd
vulnerability_id VCID-hhky-38kt-9fcd
summary Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4864
reference_id
reference_type
scores
0
value 0.00307
scoring_system epss
scoring_elements 0.54281
published_at 2026-06-11T12:55:00Z
1
value 0.00307
scoring_system epss
scoring_elements 0.54407
published_at 2026-06-14T12:55:00Z
2
value 0.00307
scoring_system epss
scoring_elements 0.54406
published_at 2026-06-12T12:55:00Z
3
value 0.00307
scoring_system epss
scoring_elements 0.54422
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4864
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4864
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-4864
3
reference_url https://huntr.dev/bounties/b7140709-8f84-4f19-9463-78669fa2175b
reference_id b7140709-8f84-4f19-9463-78669fa2175b
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:45:46Z/
url https://huntr.dev/bounties/b7140709-8f84-4f19-9463-78669fa2175b
4
reference_url https://github.com/froxlor/froxlor/commit/f2485ecd9aab8da544b5e12891d82ae6fcff5fc7
reference_id f2485ecd9aab8da544b5e12891d82ae6fcff5fc7
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T14:45:46Z/
url https://github.com/froxlor/froxlor/commit/f2485ecd9aab8da544b5e12891d82ae6fcff5fc7
5
reference_url https://github.com/advisories/GHSA-3v7m-2jrh-vc93
reference_id GHSA-3v7m-2jrh-vc93
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3v7m-2jrh-vc93
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.0-beta1
purl pkg:composer/froxlor/froxlor@2.0.0-beta1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0-beta1
1
url pkg:composer/froxlor/froxlor@2.0.0
purl pkg:composer/froxlor/froxlor@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-9t9n-1hhp-3yga
7
vulnerability VCID-atns-wuzm-kqh2
8
vulnerability VCID-d48t-6m2w-s7h2
9
vulnerability VCID-dptm-3z1r-bubj
10
vulnerability VCID-ebbm-gvf6-xfbd
11
vulnerability VCID-f15s-unrj-57ax
12
vulnerability VCID-gfgb-su1s-ubaj
13
vulnerability VCID-hhmm-9bdt-fyb5
14
vulnerability VCID-hr4y-q8gp-5ua5
15
vulnerability VCID-hs15-esbz-bfhb
16
vulnerability VCID-jvvz-9twe-8fb1
17
vulnerability VCID-nbu9-sey3-w7es
18
vulnerability VCID-nf6w-t7ew-ryde
19
vulnerability VCID-p242-zj5r-7faw
20
vulnerability VCID-rw5a-bgxw-bfbd
21
vulnerability VCID-tk6b-p759-jyfv
22
vulnerability VCID-tvgb-xmfz-tuf6
23
vulnerability VCID-u4pt-mr2z-j3f2
24
vulnerability VCID-unh1-2xmh-qbcs
25
vulnerability VCID-vbvy-j84s-zygu
26
vulnerability VCID-w7xv-k4rd-v7bq
27
vulnerability VCID-x93s-u6kq-fbbe
28
vulnerability VCID-xpgs-hpf3-3qff
29
vulnerability VCID-y4zg-wf1d-4bcm
30
vulnerability VCID-yqdf-v5wf-j3bj
31
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0
aliases CVE-2022-4864, GHSA-3v7m-2jrh-vc93
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhky-38kt-9fcd
21
url VCID-hhmm-9bdt-fyb5
vulnerability_id VCID-hhmm-9bdt-fyb5
summary Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-2034
reference_id
reference_type
scores
0
value 0.08952
scoring_system epss
scoring_elements 0.92779
published_at 2026-06-11T12:55:00Z
1
value 0.08952
scoring_system epss
scoring_elements 0.92806
published_at 2026-06-14T12:55:00Z
2
value 0.08952
scoring_system epss
scoring_elements 0.92804
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-2034
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-2034
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-2034
3
reference_url https://huntr.dev/bounties/aba6beaa-570e-4523-8128-da4d8e374ef6
reference_id aba6beaa-570e-4523-8128-da4d8e374ef6
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-06T21:01:22Z/
url https://huntr.dev/bounties/aba6beaa-570e-4523-8128-da4d8e374ef6
4
reference_url https://github.com/froxlor/froxlor/commit/f36bc61fc74c85a21c8d31448198b11f96eb3bc6
reference_id f36bc61fc74c85a21c8d31448198b11f96eb3bc6
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-06T21:01:22Z/
url https://github.com/froxlor/froxlor/commit/f36bc61fc74c85a21c8d31448198b11f96eb3bc6
5
reference_url https://github.com/advisories/GHSA-qwvp-g9j7-28f6
reference_id GHSA-qwvp-g9j7-28f6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qwvp-g9j7-28f6
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.14
purl pkg:composer/froxlor/froxlor@2.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-44fu-9q5x-uuf8
3
vulnerability VCID-7e6h-qe19-jken
4
vulnerability VCID-9t9n-1hhp-3yga
5
vulnerability VCID-atns-wuzm-kqh2
6
vulnerability VCID-dptm-3z1r-bubj
7
vulnerability VCID-ebbm-gvf6-xfbd
8
vulnerability VCID-f15s-unrj-57ax
9
vulnerability VCID-gfgb-su1s-ubaj
10
vulnerability VCID-jvvz-9twe-8fb1
11
vulnerability VCID-nbu9-sey3-w7es
12
vulnerability VCID-rw5a-bgxw-bfbd
13
vulnerability VCID-tk6b-p759-jyfv
14
vulnerability VCID-tvgb-xmfz-tuf6
15
vulnerability VCID-u4pt-mr2z-j3f2
16
vulnerability VCID-vbvy-j84s-zygu
17
vulnerability VCID-w7xv-k4rd-v7bq
18
vulnerability VCID-x93s-u6kq-fbbe
19
vulnerability VCID-y4zg-wf1d-4bcm
20
vulnerability VCID-yqdf-v5wf-j3bj
21
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.14
aliases CVE-2023-2034, GHSA-qwvp-g9j7-28f6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhmm-9bdt-fyb5
22
url VCID-hr4y-q8gp-5ua5
vulnerability_id VCID-hr4y-q8gp-5ua5
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor prior to 2.0.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0566
reference_id
reference_type
scores
0
value 0.00304
scoring_system epss
scoring_elements 0.5418
published_at 2026-06-14T12:55:00Z
1
value 0.00304
scoring_system epss
scoring_elements 0.54176
published_at 2026-06-12T12:55:00Z
2
value 0.00304
scoring_system epss
scoring_elements 0.54193
published_at 2026-06-13T12:55:00Z
3
value 0.00304
scoring_system epss
scoring_elements 0.5405
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0566
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0566
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0566
3
reference_url https://huntr.dev/bounties/8339e4f1-d430-4845-81b5-36dd9fcdac49
reference_id 8339e4f1-d430-4845-81b5-36dd9fcdac49
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-28T15:44:01Z/
url https://huntr.dev/bounties/8339e4f1-d430-4845-81b5-36dd9fcdac49
4
reference_url https://github.com/froxlor/froxlor/commit/bd5b99dc1c06f594b9563d459a50bf3b32504876
reference_id bd5b99dc1c06f594b9563d459a50bf3b32504876
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-28T15:44:01Z/
url https://github.com/froxlor/froxlor/commit/bd5b99dc1c06f594b9563d459a50bf3b32504876
5
reference_url https://github.com/advisories/GHSA-w7w4-qjgg-372x
reference_id GHSA-w7w4-qjgg-372x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w7w4-qjgg-372x
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.10
purl pkg:composer/froxlor/froxlor@2.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-38ph-pcue-zydu
3
vulnerability VCID-44fu-9q5x-uuf8
4
vulnerability VCID-7e6h-qe19-jken
5
vulnerability VCID-9t9n-1hhp-3yga
6
vulnerability VCID-atns-wuzm-kqh2
7
vulnerability VCID-dptm-3z1r-bubj
8
vulnerability VCID-ebbm-gvf6-xfbd
9
vulnerability VCID-f15s-unrj-57ax
10
vulnerability VCID-gfgb-su1s-ubaj
11
vulnerability VCID-hhmm-9bdt-fyb5
12
vulnerability VCID-jvvz-9twe-8fb1
13
vulnerability VCID-nbu9-sey3-w7es
14
vulnerability VCID-nf6w-t7ew-ryde
15
vulnerability VCID-rw5a-bgxw-bfbd
16
vulnerability VCID-tk6b-p759-jyfv
17
vulnerability VCID-tvgb-xmfz-tuf6
18
vulnerability VCID-u4pt-mr2z-j3f2
19
vulnerability VCID-vbvy-j84s-zygu
20
vulnerability VCID-w7xv-k4rd-v7bq
21
vulnerability VCID-x93s-u6kq-fbbe
22
vulnerability VCID-xpgs-hpf3-3qff
23
vulnerability VCID-y4zg-wf1d-4bcm
24
vulnerability VCID-yqdf-v5wf-j3bj
25
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.10
aliases CVE-2023-0566, GHSA-w7w4-qjgg-372x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hr4y-q8gp-5ua5
23
url VCID-hs15-esbz-bfhb
vulnerability_id VCID-hs15-esbz-bfhb
summary Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0671
reference_id
reference_type
scores
0
value 0.00513
scoring_system epss
scoring_elements 0.67111
published_at 2026-06-14T12:55:00Z
1
value 0.00513
scoring_system epss
scoring_elements 0.67098
published_at 2026-06-12T12:55:00Z
2
value 0.00513
scoring_system epss
scoring_elements 0.67112
published_at 2026-06-13T12:55:00Z
3
value 0.00513
scoring_system epss
scoring_elements 0.67007
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0671
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0671
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0671
3
reference_url https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
reference_id 0034681412057fef2dfe9cce9f8a6e3321f52edc
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-25T20:12:38Z/
url https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
4
reference_url https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
reference_id c2a84917-7ac0-4169-81c1-b61e617023de
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-25T20:12:38Z/
url https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
5
reference_url https://github.com/advisories/GHSA-9fqc-9cpr-w73q
reference_id GHSA-9fqc-9cpr-w73q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9fqc-9cpr-w73q
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.10
purl pkg:composer/froxlor/froxlor@2.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-38ph-pcue-zydu
3
vulnerability VCID-44fu-9q5x-uuf8
4
vulnerability VCID-7e6h-qe19-jken
5
vulnerability VCID-9t9n-1hhp-3yga
6
vulnerability VCID-atns-wuzm-kqh2
7
vulnerability VCID-dptm-3z1r-bubj
8
vulnerability VCID-ebbm-gvf6-xfbd
9
vulnerability VCID-f15s-unrj-57ax
10
vulnerability VCID-gfgb-su1s-ubaj
11
vulnerability VCID-hhmm-9bdt-fyb5
12
vulnerability VCID-jvvz-9twe-8fb1
13
vulnerability VCID-nbu9-sey3-w7es
14
vulnerability VCID-nf6w-t7ew-ryde
15
vulnerability VCID-rw5a-bgxw-bfbd
16
vulnerability VCID-tk6b-p759-jyfv
17
vulnerability VCID-tvgb-xmfz-tuf6
18
vulnerability VCID-u4pt-mr2z-j3f2
19
vulnerability VCID-vbvy-j84s-zygu
20
vulnerability VCID-w7xv-k4rd-v7bq
21
vulnerability VCID-x93s-u6kq-fbbe
22
vulnerability VCID-xpgs-hpf3-3qff
23
vulnerability VCID-y4zg-wf1d-4bcm
24
vulnerability VCID-yqdf-v5wf-j3bj
25
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.10
aliases CVE-2023-0671, GHSA-9fqc-9cpr-w73q
risk_score 4.5
exploitability 0.5
weighted_severity 8.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hs15-esbz-bfhb
24
url VCID-hwdk-umd9-pbhp
vulnerability_id VCID-hwdk-umd9-pbhp
summary HTML Injection in Froxlor
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-29653
reference_id
reference_type
scores
0
value 0.00331
scoring_system epss
scoring_elements 0.56546
published_at 2026-06-12T12:55:00Z
1
value 0.00331
scoring_system epss
scoring_elements 0.56428
published_at 2026-06-11T12:55:00Z
2
value 0.00331
scoring_system epss
scoring_elements 0.5655
published_at 2026-06-14T12:55:00Z
3
value 0.00331
scoring_system epss
scoring_elements 0.56561
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-29653
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://github.com/Froxlor/Froxlor/commit/6bf5eccc2477257b6c1760a3c3784ae7e0554ce0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/commit/6bf5eccc2477257b6c1760a3c3784ae7e0554ce0
3
reference_url https://github.com/Froxlor/Froxlor/security/advisories
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor/security/advisories
4
reference_url https://nozero.io/en/cve-2020-29653-froxlor-html-injection-dangling-markup
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nozero.io/en/cve-2020-29653-froxlor-html-injection-dangling-markup
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-29653
reference_id CVE-2020-29653
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-29653
6
reference_url https://nozero.io/en/cve-2020-29653-froxlor-html-injection-dangling-markup/
reference_id CVE-2020-29653-FROXLOR-HTML-INJECTION-DANGLING-MARKUP
reference_type
scores
url https://nozero.io/en/cve-2020-29653-froxlor-html-injection-dangling-markup/
7
reference_url https://github.com/advisories/GHSA-j739-gw6q-f4c7
reference_id GHSA-j739-gw6q-f4c7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j739-gw6q-f4c7
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.23
purl pkg:composer/froxlor/froxlor@0.10.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-8c8t-7j1p-3baa
7
vulnerability VCID-9t9n-1hhp-3yga
8
vulnerability VCID-atns-wuzm-kqh2
9
vulnerability VCID-d48t-6m2w-s7h2
10
vulnerability VCID-dptm-3z1r-bubj
11
vulnerability VCID-e8hu-xceh-cygy
12
vulnerability VCID-ebbm-gvf6-xfbd
13
vulnerability VCID-f15s-unrj-57ax
14
vulnerability VCID-gfgb-su1s-ubaj
15
vulnerability VCID-gxb4-1jgt-z3a8
16
vulnerability VCID-gyny-xdxc-vyg7
17
vulnerability VCID-hhky-38kt-9fcd
18
vulnerability VCID-hhmm-9bdt-fyb5
19
vulnerability VCID-hr4y-q8gp-5ua5
20
vulnerability VCID-hs15-esbz-bfhb
21
vulnerability VCID-jvvz-9twe-8fb1
22
vulnerability VCID-mgwv-2pj5-pqav
23
vulnerability VCID-nbu9-sey3-w7es
24
vulnerability VCID-nf6w-t7ew-ryde
25
vulnerability VCID-p242-zj5r-7faw
26
vulnerability VCID-p627-qr92-mkdp
27
vulnerability VCID-qyzq-4avu-zugu
28
vulnerability VCID-rw5a-bgxw-bfbd
29
vulnerability VCID-tk6b-p759-jyfv
30
vulnerability VCID-tvgb-xmfz-tuf6
31
vulnerability VCID-u4pt-mr2z-j3f2
32
vulnerability VCID-unh1-2xmh-qbcs
33
vulnerability VCID-vbvy-j84s-zygu
34
vulnerability VCID-w7xv-k4rd-v7bq
35
vulnerability VCID-x93s-u6kq-fbbe
36
vulnerability VCID-xpgs-hpf3-3qff
37
vulnerability VCID-y4zg-wf1d-4bcm
38
vulnerability VCID-yqdf-v5wf-j3bj
39
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.23
aliases CVE-2020-29653, GHSA-j739-gw6q-f4c7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hwdk-umd9-pbhp
25
url VCID-jvvz-9twe-8fb1
vulnerability_id VCID-jvvz-9twe-8fb1
summary Froxlor is open source server administration software. Prior to version 2.2.6, an HTML Injection vulnerability in the customer account portal allows an attacker to inject malicious HTML payloads in the email section. This can lead to phishing attacks, credential theft, and reputational damage by redirecting users to malicious external websites. The vulnerability has a medium severity, as it can be exploited through user input without authentication. Version 2.2.6 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48958
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38415
published_at 2026-06-13T12:55:00Z
1
value 0.00171
scoring_system epss
scoring_elements 0.38403
published_at 2026-06-14T12:55:00Z
2
value 0.00171
scoring_system epss
scoring_elements 0.38392
published_at 2026-06-12T12:55:00Z
3
value 0.00171
scoring_system epss
scoring_elements 0.38218
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48958
1
reference_url https://github.com/froxlor/Froxlor
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48958
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48958
3
reference_url https://github.com/user-attachments/assets/86947633-3e7c-4e10-86cc-92e577761e8e
reference_id 86947633-3e7c-4e10-86cc-92e577761e8e
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-02T16:40:22Z/
url https://github.com/user-attachments/assets/86947633-3e7c-4e10-86cc-92e577761e8e
4
reference_url https://github.com/froxlor/Froxlor/commit/fde43f80600f1035e1e3d2297411b666d805549a
reference_id fde43f80600f1035e1e3d2297411b666d805549a
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-02T16:40:22Z/
url https://github.com/froxlor/Froxlor/commit/fde43f80600f1035e1e3d2297411b666d805549a
5
reference_url https://github.com/advisories/GHSA-26xq-m8xw-6373
reference_id GHSA-26xq-m8xw-6373
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-26xq-m8xw-6373
6
reference_url https://github.com/froxlor/Froxlor/security/advisories/GHSA-26xq-m8xw-6373
reference_id GHSA-26xq-m8xw-6373
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-02T16:40:22Z/
url https://github.com/froxlor/Froxlor/security/advisories/GHSA-26xq-m8xw-6373
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.2.6
purl pkg:composer/froxlor/froxlor@2.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-9t9n-1hhp-3yga
2
vulnerability VCID-atns-wuzm-kqh2
3
vulnerability VCID-ebbm-gvf6-xfbd
4
vulnerability VCID-nbu9-sey3-w7es
5
vulnerability VCID-rw5a-bgxw-bfbd
6
vulnerability VCID-tvgb-xmfz-tuf6
7
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.2.6
aliases CVE-2025-48958, GHSA-26xq-m8xw-6373
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jvvz-9twe-8fb1
26
url VCID-mgwv-2pj5-pqav
vulnerability_id VCID-mgwv-2pj5-pqav
summary Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0316
reference_id
reference_type
scores
0
value 0.00265
scoring_system epss
scoring_elements 0.50264
published_at 2026-06-11T12:55:00Z
1
value 0.00265
scoring_system epss
scoring_elements 0.50403
published_at 2026-06-14T12:55:00Z
2
value 0.00265
scoring_system epss
scoring_elements 0.50398
published_at 2026-06-12T12:55:00Z
3
value 0.00265
scoring_system epss
scoring_elements 0.50417
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0316
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0316
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0316
3
reference_url https://github.com/froxlor/froxlor/commit/983d9294603925018225d672795bd8b4a526f41e
reference_id 983d9294603925018225d672795bd8b4a526f41e
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T15:08:55Z/
url https://github.com/froxlor/froxlor/commit/983d9294603925018225d672795bd8b4a526f41e
4
reference_url https://huntr.dev/bounties/c190e42a-4806-47aa-aa1e-ff5d6407e244
reference_id c190e42a-4806-47aa-aa1e-ff5d6407e244
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T15:08:55Z/
url https://huntr.dev/bounties/c190e42a-4806-47aa-aa1e-ff5d6407e244
5
reference_url https://github.com/advisories/GHSA-xp3g-2729-rxm3
reference_id GHSA-xp3g-2729-rxm3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xp3g-2729-rxm3
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.0
purl pkg:composer/froxlor/froxlor@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-9t9n-1hhp-3yga
7
vulnerability VCID-atns-wuzm-kqh2
8
vulnerability VCID-d48t-6m2w-s7h2
9
vulnerability VCID-dptm-3z1r-bubj
10
vulnerability VCID-ebbm-gvf6-xfbd
11
vulnerability VCID-f15s-unrj-57ax
12
vulnerability VCID-gfgb-su1s-ubaj
13
vulnerability VCID-hhmm-9bdt-fyb5
14
vulnerability VCID-hr4y-q8gp-5ua5
15
vulnerability VCID-hs15-esbz-bfhb
16
vulnerability VCID-jvvz-9twe-8fb1
17
vulnerability VCID-nbu9-sey3-w7es
18
vulnerability VCID-nf6w-t7ew-ryde
19
vulnerability VCID-p242-zj5r-7faw
20
vulnerability VCID-rw5a-bgxw-bfbd
21
vulnerability VCID-tk6b-p759-jyfv
22
vulnerability VCID-tvgb-xmfz-tuf6
23
vulnerability VCID-u4pt-mr2z-j3f2
24
vulnerability VCID-unh1-2xmh-qbcs
25
vulnerability VCID-vbvy-j84s-zygu
26
vulnerability VCID-w7xv-k4rd-v7bq
27
vulnerability VCID-x93s-u6kq-fbbe
28
vulnerability VCID-xpgs-hpf3-3qff
29
vulnerability VCID-y4zg-wf1d-4bcm
30
vulnerability VCID-yqdf-v5wf-j3bj
31
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.0
aliases CVE-2023-0316, GHSA-xp3g-2729-rxm3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgwv-2pj5-pqav
27
url VCID-nbu9-sey3-w7es
vulnerability_id VCID-nbu9-sey3-w7es
summary Froxlor is open source server administration software. Prior to version 2.3.6, in `EmailSender::add()`, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to `validateLocalDomainOwnership()`. This causes the ownership check to always pass for non-existent "domains," allowing any authenticated customer to add sender aliases for email addresses on domains belonging to other customers. Postfix's `sender_login_maps` then authorizes the attacker to send emails as those addresses. Version 2.3.6 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41232
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.12259
published_at 2026-06-14T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.12181
published_at 2026-06-11T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.1228
published_at 2026-06-13T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.12274
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41232
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41232
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41232
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.6
reference_id 2.3.6
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T14:49:29Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.6
4
reference_url https://github.com/froxlor/froxlor/commit/77d04badf549d5f8429828f0fbc69bc37a35e07a
reference_id 77d04badf549d5f8429828f0fbc69bc37a35e07a
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T14:49:29Z/
url https://github.com/froxlor/froxlor/commit/77d04badf549d5f8429828f0fbc69bc37a35e07a
5
reference_url https://github.com/advisories/GHSA-vmjj-qr7v-pxm6
reference_id GHSA-vmjj-qr7v-pxm6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vmjj-qr7v-pxm6
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-vmjj-qr7v-pxm6
reference_id GHSA-vmjj-qr7v-pxm6
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T14:49:29Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-vmjj-qr7v-pxm6
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.6
purl pkg:composer/froxlor/froxlor@2.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46tt-1n8z-xuct
1
vulnerability VCID-kjsn-vrac-67f9
2
vulnerability VCID-uyv2-5ka7-pufp
3
vulnerability VCID-vvvf-273x-s3g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.6
aliases CVE-2026-41232, GHSA-vmjj-qr7v-pxm6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nbu9-sey3-w7es
28
url VCID-nf6w-t7ew-ryde
vulnerability_id VCID-nf6w-t7ew-ryde
summary Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1033
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42976
published_at 2026-06-11T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.43145
published_at 2026-06-14T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.43135
published_at 2026-06-12T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.43154
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1033
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1033
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-1033
3
reference_url https://github.com/froxlor/froxlor/commit/4003a8d2b60728a77476d1d4f5aa5c635f128950
reference_id 4003a8d2b60728a77476d1d4f5aa5c635f128950
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T15:36:54Z/
url https://github.com/froxlor/froxlor/commit/4003a8d2b60728a77476d1d4f5aa5c635f128950
4
reference_url https://huntr.dev/bounties/ba3cd929-8b60-4d8d-b77d-f28409ecf387
reference_id ba3cd929-8b60-4d8d-b77d-f28409ecf387
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T15:36:54Z/
url https://huntr.dev/bounties/ba3cd929-8b60-4d8d-b77d-f28409ecf387
5
reference_url https://github.com/advisories/GHSA-p7qq-rrvw-x55x
reference_id GHSA-p7qq-rrvw-x55x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p7qq-rrvw-x55x
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.11
purl pkg:composer/froxlor/froxlor@2.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-44fu-9q5x-uuf8
3
vulnerability VCID-7e6h-qe19-jken
4
vulnerability VCID-9t9n-1hhp-3yga
5
vulnerability VCID-atns-wuzm-kqh2
6
vulnerability VCID-dptm-3z1r-bubj
7
vulnerability VCID-ebbm-gvf6-xfbd
8
vulnerability VCID-f15s-unrj-57ax
9
vulnerability VCID-gfgb-su1s-ubaj
10
vulnerability VCID-hhmm-9bdt-fyb5
11
vulnerability VCID-jvvz-9twe-8fb1
12
vulnerability VCID-nbu9-sey3-w7es
13
vulnerability VCID-rw5a-bgxw-bfbd
14
vulnerability VCID-tk6b-p759-jyfv
15
vulnerability VCID-tvgb-xmfz-tuf6
16
vulnerability VCID-u4pt-mr2z-j3f2
17
vulnerability VCID-vbvy-j84s-zygu
18
vulnerability VCID-w7xv-k4rd-v7bq
19
vulnerability VCID-x93s-u6kq-fbbe
20
vulnerability VCID-xpgs-hpf3-3qff
21
vulnerability VCID-y4zg-wf1d-4bcm
22
vulnerability VCID-yqdf-v5wf-j3bj
23
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.11
aliases CVE-2023-1033, GHSA-p7qq-rrvw-x55x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nf6w-t7ew-ryde
29
url VCID-p242-zj5r-7faw
vulnerability_id VCID-p242-zj5r-7faw
summary Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0315
reference_id
reference_type
scores
0
value 0.89127
scoring_system epss
scoring_elements 0.99553
published_at 2026-06-13T12:55:00Z
1
value 0.89127
scoring_system epss
scoring_elements 0.99552
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0315
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0315
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0315
3
reference_url https://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a
reference_id 090cfc26f2722ac3036cc7fd1861955bc36f065a
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-07T15:09:43Z/
url https://github.com/froxlor/froxlor/commit/090cfc26f2722ac3036cc7fd1861955bc36f065a
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51263.py
reference_id CVE-2023-0315
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51263.py
5
reference_url https://huntr.dev/bounties/ff4e177b-ba48-4913-bbfa-ab8ce0db5943
reference_id ff4e177b-ba48-4913-bbfa-ab8ce0db5943
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-07T15:09:43Z/
url https://huntr.dev/bounties/ff4e177b-ba48-4913-bbfa-ab8ce0db5943
6
reference_url http://packetstormsecurity.com/files/171729/Froxlor-2.0.3-Stable-Remote-Code-Execution.html
reference_id Froxlor-2.0.3-Stable-Remote-Code-Execution.html
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-07T15:09:43Z/
url http://packetstormsecurity.com/files/171729/Froxlor-2.0.3-Stable-Remote-Code-Execution.html
7
reference_url http://packetstormsecurity.com/files/171108/Froxlor-2.0.6-Remote-Command-Execution.html
reference_id Froxlor-2.0.6-Remote-Command-Execution.html
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-07T15:09:43Z/
url http://packetstormsecurity.com/files/171108/Froxlor-2.0.6-Remote-Command-Execution.html
8
reference_url https://github.com/advisories/GHSA-cp68-42pf-6627
reference_id GHSA-cp68-42pf-6627
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cp68-42pf-6627
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.8
purl pkg:composer/froxlor/froxlor@2.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-9t9n-1hhp-3yga
7
vulnerability VCID-atns-wuzm-kqh2
8
vulnerability VCID-d48t-6m2w-s7h2
9
vulnerability VCID-dptm-3z1r-bubj
10
vulnerability VCID-ebbm-gvf6-xfbd
11
vulnerability VCID-f15s-unrj-57ax
12
vulnerability VCID-gfgb-su1s-ubaj
13
vulnerability VCID-hhmm-9bdt-fyb5
14
vulnerability VCID-hr4y-q8gp-5ua5
15
vulnerability VCID-hs15-esbz-bfhb
16
vulnerability VCID-jvvz-9twe-8fb1
17
vulnerability VCID-nbu9-sey3-w7es
18
vulnerability VCID-nf6w-t7ew-ryde
19
vulnerability VCID-rw5a-bgxw-bfbd
20
vulnerability VCID-tk6b-p759-jyfv
21
vulnerability VCID-tvgb-xmfz-tuf6
22
vulnerability VCID-u4pt-mr2z-j3f2
23
vulnerability VCID-unh1-2xmh-qbcs
24
vulnerability VCID-vbvy-j84s-zygu
25
vulnerability VCID-w7xv-k4rd-v7bq
26
vulnerability VCID-x93s-u6kq-fbbe
27
vulnerability VCID-xpgs-hpf3-3qff
28
vulnerability VCID-y4zg-wf1d-4bcm
29
vulnerability VCID-yqdf-v5wf-j3bj
30
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.8
aliases CVE-2023-0315, GHSA-cp68-42pf-6627
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p242-zj5r-7faw
30
url VCID-p627-qr92-mkdp
vulnerability_id VCID-p627-qr92-mkdp
summary Froxlor vulnerable to Cross-Site Request Forgery (CSRF)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3017
reference_id
reference_type
scores
0
value 0.0011
scoring_system epss
scoring_elements 0.29235
published_at 2026-06-12T12:55:00Z
1
value 0.0011
scoring_system epss
scoring_elements 0.29031
published_at 2026-06-11T12:55:00Z
2
value 0.0011
scoring_system epss
scoring_elements 0.29242
published_at 2026-06-14T12:55:00Z
3
value 0.0011
scoring_system epss
scoring_elements 0.29254
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3017
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://github.com/froxlor/froxlor/commit/bbe82286aae21328668f24857995a67598fe978a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor/commit/bbe82286aae21328668f24857995a67598fe978a
3
reference_url https://huntr.dev/bounties/5250c4b1-132b-4da6-9bd6-db36cb56bea0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/5250c4b1-132b-4da6-9bd6-db36cb56bea0
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3017
reference_id CVE-2022-3017
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3017
5
reference_url https://github.com/advisories/GHSA-9xgp-3mxp-rv7x
reference_id GHSA-9xgp-3mxp-rv7x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9xgp-3mxp-rv7x
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.38
purl pkg:composer/froxlor/froxlor@0.10.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-2mym-uwpj-v3he
3
vulnerability VCID-38ph-pcue-zydu
4
vulnerability VCID-44fu-9q5x-uuf8
5
vulnerability VCID-7e6h-qe19-jken
6
vulnerability VCID-8c8t-7j1p-3baa
7
vulnerability VCID-9t9n-1hhp-3yga
8
vulnerability VCID-atns-wuzm-kqh2
9
vulnerability VCID-d48t-6m2w-s7h2
10
vulnerability VCID-dptm-3z1r-bubj
11
vulnerability VCID-ebbm-gvf6-xfbd
12
vulnerability VCID-f15s-unrj-57ax
13
vulnerability VCID-gfgb-su1s-ubaj
14
vulnerability VCID-gxb4-1jgt-z3a8
15
vulnerability VCID-gyny-xdxc-vyg7
16
vulnerability VCID-hhky-38kt-9fcd
17
vulnerability VCID-hhmm-9bdt-fyb5
18
vulnerability VCID-hr4y-q8gp-5ua5
19
vulnerability VCID-hs15-esbz-bfhb
20
vulnerability VCID-jvvz-9twe-8fb1
21
vulnerability VCID-mgwv-2pj5-pqav
22
vulnerability VCID-nbu9-sey3-w7es
23
vulnerability VCID-nf6w-t7ew-ryde
24
vulnerability VCID-p242-zj5r-7faw
25
vulnerability VCID-qyzq-4avu-zugu
26
vulnerability VCID-rw5a-bgxw-bfbd
27
vulnerability VCID-tk6b-p759-jyfv
28
vulnerability VCID-tvgb-xmfz-tuf6
29
vulnerability VCID-u4pt-mr2z-j3f2
30
vulnerability VCID-unh1-2xmh-qbcs
31
vulnerability VCID-vbvy-j84s-zygu
32
vulnerability VCID-w7xv-k4rd-v7bq
33
vulnerability VCID-x93s-u6kq-fbbe
34
vulnerability VCID-xpgs-hpf3-3qff
35
vulnerability VCID-y4zg-wf1d-4bcm
36
vulnerability VCID-yqdf-v5wf-j3bj
37
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.38
aliases CVE-2022-3017, GHSA-9xgp-3mxp-rv7x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p627-qr92-mkdp
31
url VCID-qyzq-4avu-zugu
vulnerability_id VCID-qyzq-4avu-zugu
summary Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3869
reference_id
reference_type
scores
0
value 0.14857
scoring_system epss
scoring_elements 0.94675
published_at 2026-06-11T12:55:00Z
1
value 0.14857
scoring_system epss
scoring_elements 0.94703
published_at 2026-06-14T12:55:00Z
2
value 0.14857
scoring_system epss
scoring_elements 0.94694
published_at 2026-06-12T12:55:00Z
3
value 0.14857
scoring_system epss
scoring_elements 0.94701
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3869
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://github.com/froxlor/froxlor/commit/3f10a4adede9df83408d60ded78b51b812a763a8
reference_id 3f10a4adede9df83408d60ded78b51b812a763a8
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-05T20:27:39Z/
url https://github.com/froxlor/froxlor/commit/3f10a4adede9df83408d60ded78b51b812a763a8
3
reference_url https://huntr.dev/bounties/7de20f21-4a9b-445d-ae2b-15ade648900b
reference_id 7de20f21-4a9b-445d-ae2b-15ade648900b
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-05T20:27:39Z/
url https://huntr.dev/bounties/7de20f21-4a9b-445d-ae2b-15ade648900b
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3869
reference_id CVE-2022-3869
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3869
5
reference_url https://github.com/advisories/GHSA-6rjv-xxgr-v57x
reference_id GHSA-6rjv-xxgr-v57x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6rjv-xxgr-v57x
fixed_packages
0
url pkg:composer/froxlor/froxlor@0.10.38%2B2
purl pkg:composer/froxlor/froxlor@0.10.38%2B2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.38%252B2
aliases CVE-2022-3869, GHSA-6rjv-xxgr-v57x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qyzq-4avu-zugu
32
url VCID-rw5a-bgxw-bfbd
vulnerability_id VCID-rw5a-bgxw-bfbd
summary Froxlor is open source server administration software. Prior to 2.3.4, a typo in Froxlor's input validation code (== instead of =) completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings in the panel.adminmail setting. This value is later concatenated into a shell command executed as root by a cron job, where the pipe character | is explicitly whitelisted. The result is full root-level Remote Code Execution. This vulnerability is fixed in 2.3.4.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26279
reference_id
reference_type
scores
0
value 0.009
scoring_system epss
scoring_elements 0.76198
published_at 2026-06-14T12:55:00Z
1
value 0.009
scoring_system epss
scoring_elements 0.76204
published_at 2026-06-13T12:55:00Z
2
value 0.009
scoring_system epss
scoring_elements 0.76191
published_at 2026-06-12T12:55:00Z
3
value 0.009
scoring_system epss
scoring_elements 0.76119
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26279
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://github.com/froxlor/froxlor/commit/22249677107f8f39f8d4a238605641e87dab4343
reference_id 22249677107f8f39f8d4a238605641e87dab4343
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T16:12:37Z/
url https://github.com/froxlor/froxlor/commit/22249677107f8f39f8d4a238605641e87dab4343
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.4
reference_id 2.3.4
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T16:12:37Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26279
reference_id CVE-2026-26279
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26279
5
reference_url https://github.com/advisories/GHSA-33mp-8p67-xj7c
reference_id GHSA-33mp-8p67-xj7c
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-33mp-8p67-xj7c
6
reference_url https://github.com/froxlor/Froxlor/security/advisories/GHSA-33mp-8p67-xj7c
reference_id GHSA-33mp-8p67-xj7c
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T16:12:37Z/
url https://github.com/froxlor/Froxlor/security/advisories/GHSA-33mp-8p67-xj7c
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.4
purl pkg:composer/froxlor/froxlor@2.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-9t9n-1hhp-3yga
2
vulnerability VCID-atns-wuzm-kqh2
3
vulnerability VCID-ebbm-gvf6-xfbd
4
vulnerability VCID-nbu9-sey3-w7es
5
vulnerability VCID-tvgb-xmfz-tuf6
6
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.4
aliases CVE-2026-26279, GHSA-33mp-8p67-xj7c
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rw5a-bgxw-bfbd
33
url VCID-tk6b-p759-jyfv
vulnerability_id VCID-tk6b-p759-jyfv
summary Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5564
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18716
published_at 2026-06-14T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18721
published_at 2026-06-12T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.18739
published_at 2026-06-13T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.18558
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5564
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5564
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5564
3
reference_url https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c
reference_id 9254d8f3-a847-4ae8-8477-d2ce027cff5c
reference_type
scores
0
value 5.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T17:07:19Z/
url https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c
4
reference_url https://github.com/froxlor/froxlor/commit/e8ed43056c1665522a586e3485da67f2bdf073aa
reference_id e8ed43056c1665522a586e3485da67f2bdf073aa
reference_type
scores
0
value 5.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T17:07:19Z/
url https://github.com/froxlor/froxlor/commit/e8ed43056c1665522a586e3485da67f2bdf073aa
5
reference_url https://github.com/advisories/GHSA-j5hq-6frc-64v3
reference_id GHSA-j5hq-6frc-64v3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j5hq-6frc-64v3
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.1.0-dev1
purl pkg:composer/froxlor/froxlor@2.1.0-dev1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.1.0-dev1
aliases CVE-2023-5564, GHSA-j5hq-6frc-64v3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tk6b-p759-jyfv
34
url VCID-tvgb-xmfz-tuf6
vulnerability_id VCID-tvgb-xmfz-tuf6
summary Froxlor is open source server administration software. Prior to version 2.3.6, in `Domains.add()`, the `adminid` parameter is accepted from user input and used without validation when the calling reseller does not have the `customers_see_all` permission. This allows a reseller to attribute newly created domains to any other admin, bypassing their own domain quota (since the wrong admin's `domains_used` counter is incremented) and potentially exhausting another admin's quota. Version 2.3.6 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41233
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.17011
published_at 2026-06-11T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.17153
published_at 2026-06-14T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.17167
published_at 2026-06-12T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.17179
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41233
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41233
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41233
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.6
reference_id 2.3.6
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T12:26:17Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.6
4
reference_url https://github.com/froxlor/froxlor/commit/bf47ba15329506e9f9662f9462463932aa80dff5
reference_id bf47ba15329506e9f9662f9462463932aa80dff5
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T12:26:17Z/
url https://github.com/froxlor/froxlor/commit/bf47ba15329506e9f9662f9462463932aa80dff5
5
reference_url https://github.com/advisories/GHSA-jvx4-xv3m-hrj4
reference_id GHSA-jvx4-xv3m-hrj4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvx4-xv3m-hrj4
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-jvx4-xv3m-hrj4
reference_id GHSA-jvx4-xv3m-hrj4
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T12:26:17Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-jvx4-xv3m-hrj4
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.6
purl pkg:composer/froxlor/froxlor@2.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46tt-1n8z-xuct
1
vulnerability VCID-kjsn-vrac-67f9
2
vulnerability VCID-uyv2-5ka7-pufp
3
vulnerability VCID-vvvf-273x-s3g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.6
aliases CVE-2026-41233, GHSA-jvx4-xv3m-hrj4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvgb-xmfz-tuf6
35
url VCID-u4pt-mr2z-j3f2
vulnerability_id VCID-u4pt-mr2z-j3f2
summary Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>
references
0
reference_url https://github.com/froxlor/Froxlor
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor
1
reference_url https://github.com/froxlor/Froxlor/blob/2.1.9/lib/configfiles/bookworm.xml#L3075
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor/blob/2.1.9/lib/configfiles/bookworm.xml#L3075
2
reference_url https://github.com/froxlor/Froxlor/commit/5d2ce4ecfb0e9c397ef5c73b107fb9a0e122e910
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor/commit/5d2ce4ecfb0e9c397ef5c73b107fb9a0e122e910
3
reference_url https://github.com/advisories/GHSA-34qg-65m4-f23m
reference_id GHSA-34qg-65m4-f23m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-34qg-65m4-f23m
4
reference_url https://github.com/froxlor/Froxlor/security/advisories/GHSA-34qg-65m4-f23m
reference_id GHSA-34qg-65m4-f23m
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/Froxlor/security/advisories/GHSA-34qg-65m4-f23m
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.2.0
purl pkg:composer/froxlor/froxlor@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-ebbm-gvf6-xfbd
5
vulnerability VCID-jvvz-9twe-8fb1
6
vulnerability VCID-nbu9-sey3-w7es
7
vulnerability VCID-rw5a-bgxw-bfbd
8
vulnerability VCID-tvgb-xmfz-tuf6
9
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.2.0
aliases GHSA-34qg-65m4-f23m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4pt-mr2z-j3f2
36
url VCID-unh1-2xmh-qbcs
vulnerability_id VCID-unh1-2xmh-qbcs
summary Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0564
reference_id
reference_type
scores
0
value 0.00181
scoring_system epss
scoring_elements 0.39641
published_at 2026-06-11T12:55:00Z
1
value 0.00181
scoring_system epss
scoring_elements 0.39825
published_at 2026-06-14T12:55:00Z
2
value 0.00181
scoring_system epss
scoring_elements 0.39812
published_at 2026-06-12T12:55:00Z
3
value 0.00181
scoring_system epss
scoring_elements 0.39836
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0564
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0564
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0564
3
reference_url https://github.com/froxlor/froxlor/commit/2a84e9c1207fd3d792b7fb198fd0c66fe1a66a7a
reference_id 2a84e9c1207fd3d792b7fb198fd0c66fe1a66a7a
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:46:07Z/
url https://github.com/froxlor/froxlor/commit/2a84e9c1207fd3d792b7fb198fd0c66fe1a66a7a
4
reference_url https://huntr.dev/bounties/a4f86d6f-0d5d-428d-a4b3-551b20a21ce6
reference_id a4f86d6f-0d5d-428d-a4b3-551b20a21ce6
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:46:07Z/
url https://huntr.dev/bounties/a4f86d6f-0d5d-428d-a4b3-551b20a21ce6
5
reference_url https://github.com/advisories/GHSA-pm72-27mg-fc28
reference_id GHSA-pm72-27mg-fc28
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pm72-27mg-fc28
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.10
purl pkg:composer/froxlor/froxlor@2.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13gb-yr6z-n7cc
1
vulnerability VCID-1rwn-9phn-kkb4
2
vulnerability VCID-38ph-pcue-zydu
3
vulnerability VCID-44fu-9q5x-uuf8
4
vulnerability VCID-7e6h-qe19-jken
5
vulnerability VCID-9t9n-1hhp-3yga
6
vulnerability VCID-atns-wuzm-kqh2
7
vulnerability VCID-dptm-3z1r-bubj
8
vulnerability VCID-ebbm-gvf6-xfbd
9
vulnerability VCID-f15s-unrj-57ax
10
vulnerability VCID-gfgb-su1s-ubaj
11
vulnerability VCID-hhmm-9bdt-fyb5
12
vulnerability VCID-jvvz-9twe-8fb1
13
vulnerability VCID-nbu9-sey3-w7es
14
vulnerability VCID-nf6w-t7ew-ryde
15
vulnerability VCID-rw5a-bgxw-bfbd
16
vulnerability VCID-tk6b-p759-jyfv
17
vulnerability VCID-tvgb-xmfz-tuf6
18
vulnerability VCID-u4pt-mr2z-j3f2
19
vulnerability VCID-vbvy-j84s-zygu
20
vulnerability VCID-w7xv-k4rd-v7bq
21
vulnerability VCID-x93s-u6kq-fbbe
22
vulnerability VCID-xpgs-hpf3-3qff
23
vulnerability VCID-y4zg-wf1d-4bcm
24
vulnerability VCID-yqdf-v5wf-j3bj
25
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.10
aliases CVE-2023-0564, GHSA-pm72-27mg-fc28
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-unh1-2xmh-qbcs
37
url VCID-vbvy-j84s-zygu
vulnerability_id VCID-vbvy-j84s-zygu
summary Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3172
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53797
published_at 2026-06-14T12:55:00Z
1
value 0.00299
scoring_system epss
scoring_elements 0.53813
published_at 2026-06-13T12:55:00Z
2
value 0.00299
scoring_system epss
scoring_elements 0.53671
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3172
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3172
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3172
3
reference_url https://github.com/froxlor/froxlor/commit/da810ea95393dfaec68a70e30b7c887c50563a7e
reference_id da810ea95393dfaec68a70e30b7c887c50563a7e
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:12:19Z/
url https://github.com/froxlor/froxlor/commit/da810ea95393dfaec68a70e30b7c887c50563a7e
4
reference_url https://huntr.dev/bounties/e50966cd-9222-46b9-aedc-1feb3f2a0b0e
reference_id e50966cd-9222-46b9-aedc-1feb3f2a0b0e
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:12:19Z/
url https://huntr.dev/bounties/e50966cd-9222-46b9-aedc-1feb3f2a0b0e
5
reference_url https://github.com/advisories/GHSA-ghqq-jfx7-f6m9
reference_id GHSA-ghqq-jfx7-f6m9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ghqq-jfx7-f6m9
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.20
purl pkg:composer/froxlor/froxlor@2.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-7e6h-qe19-jken
3
vulnerability VCID-9t9n-1hhp-3yga
4
vulnerability VCID-atns-wuzm-kqh2
5
vulnerability VCID-dptm-3z1r-bubj
6
vulnerability VCID-ebbm-gvf6-xfbd
7
vulnerability VCID-f15s-unrj-57ax
8
vulnerability VCID-jvvz-9twe-8fb1
9
vulnerability VCID-nbu9-sey3-w7es
10
vulnerability VCID-rw5a-bgxw-bfbd
11
vulnerability VCID-tk6b-p759-jyfv
12
vulnerability VCID-tvgb-xmfz-tuf6
13
vulnerability VCID-u4pt-mr2z-j3f2
14
vulnerability VCID-w7xv-k4rd-v7bq
15
vulnerability VCID-x93s-u6kq-fbbe
16
vulnerability VCID-y4zg-wf1d-4bcm
17
vulnerability VCID-yqdf-v5wf-j3bj
18
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.20
aliases CVE-2023-3172, GHSA-ghqq-jfx7-f6m9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbvy-j84s-zygu
38
url VCID-w7xv-k4rd-v7bq
vulnerability_id VCID-w7xv-k4rd-v7bq
summary Froxlor is open source server administration software. Prior to version 2.3.6, `DataDump.add()` constructs the export destination path from user-supplied input without passing the `$fixed_homedir` parameter to `FileDir::makeCorrectDir()`, bypassing the symlink validation that was added to all other customer-facing path operations (likely as the fix for CVE-2023-6069). When the ExportCron runs as root, it executes `chown -R` on the resolved symlink target, allowing a customer to take ownership of arbitrary directories on the system. Version 2.3.6 contains an updated fix.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41231
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.24972
published_at 2026-06-11T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.25172
published_at 2026-06-12T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30399
published_at 2026-06-14T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30411
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41231
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41231
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41231
3
reference_url https://github.com/froxlor/froxlor/releases/tag/2.3.6
reference_id 2.3.6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T14:48:21Z/
url https://github.com/froxlor/froxlor/releases/tag/2.3.6
4
reference_url https://github.com/froxlor/froxlor/commit/2987b0e8806ef12b532410050ad76d13d673a87d
reference_id 2987b0e8806ef12b532410050ad76d13d673a87d
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T14:48:21Z/
url https://github.com/froxlor/froxlor/commit/2987b0e8806ef12b532410050ad76d13d673a87d
5
reference_url https://github.com/advisories/GHSA-75h4-c557-j89r
reference_id GHSA-75h4-c557-j89r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-75h4-c557-j89r
6
reference_url https://github.com/froxlor/froxlor/security/advisories/GHSA-75h4-c557-j89r
reference_id GHSA-75h4-c557-j89r
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T14:48:21Z/
url https://github.com/froxlor/froxlor/security/advisories/GHSA-75h4-c557-j89r
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.3.6
purl pkg:composer/froxlor/froxlor@2.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46tt-1n8z-xuct
1
vulnerability VCID-kjsn-vrac-67f9
2
vulnerability VCID-uyv2-5ka7-pufp
3
vulnerability VCID-vvvf-273x-s3g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.3.6
aliases CVE-2026-41231, GHSA-75h4-c557-j89r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7xv-k4rd-v7bq
39
url VCID-x93s-u6kq-fbbe
vulnerability_id VCID-x93s-u6kq-fbbe
summary Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory field requirements (e.g. surname, company name) established by the system. Version 2.1.2 fixes this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50256
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18894
published_at 2026-06-12T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18888
published_at 2026-06-14T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18731
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18912
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50256
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://user-images.githubusercontent.com/80028768/289675319-81ae8ebe-1308-4ee3-bedb-43cdc40da474.mp4
reference_id 289675319-81ae8ebe-1308-4ee3-bedb-43cdc40da474.mp4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-09T15:34:46Z/
url https://user-images.githubusercontent.com/80028768/289675319-81ae8ebe-1308-4ee3-bedb-43cdc40da474.mp4
3
reference_url https://github.com/Froxlor/Froxlor/commit/4b1846883d4828962add91bd844596d89a9c7cac
reference_id 4b1846883d4828962add91bd844596d89a9c7cac
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-09T15:34:46Z/
url https://github.com/Froxlor/Froxlor/commit/4b1846883d4828962add91bd844596d89a9c7cac
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-50256
reference_id CVE-2023-50256
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-50256
5
reference_url https://github.com/advisories/GHSA-625g-fm5w-w7w4
reference_id GHSA-625g-fm5w-w7w4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-625g-fm5w-w7w4
6
reference_url https://github.com/Froxlor/Froxlor/security/advisories/GHSA-625g-fm5w-w7w4
reference_id GHSA-625g-fm5w-w7w4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-09T15:34:46Z/
url https://github.com/Froxlor/Froxlor/security/advisories/GHSA-625g-fm5w-w7w4
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.1.2
purl pkg:composer/froxlor/froxlor@2.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-dptm-3z1r-bubj
5
vulnerability VCID-ebbm-gvf6-xfbd
6
vulnerability VCID-jvvz-9twe-8fb1
7
vulnerability VCID-nbu9-sey3-w7es
8
vulnerability VCID-rw5a-bgxw-bfbd
9
vulnerability VCID-tvgb-xmfz-tuf6
10
vulnerability VCID-u4pt-mr2z-j3f2
11
vulnerability VCID-w7xv-k4rd-v7bq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.1.2
aliases CVE-2023-50256, GHSA-625g-fm5w-w7w4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x93s-u6kq-fbbe
40
url VCID-xpgs-hpf3-3qff
vulnerability_id VCID-xpgs-hpf3-3qff
summary Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1307
reference_id
reference_type
scores
0
value 0.00475
scoring_system epss
scoring_elements 0.65307
published_at 2026-06-11T12:55:00Z
1
value 0.00475
scoring_system epss
scoring_elements 0.65416
published_at 2026-06-14T12:55:00Z
2
value 0.00475
scoring_system epss
scoring_elements 0.65407
published_at 2026-06-12T12:55:00Z
3
value 0.00475
scoring_system epss
scoring_elements 0.65418
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1307
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-1307
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-1307
3
reference_url https://huntr.dev/bounties/5fe85af4-a667-41a9-a00d-f99e07c5e2f1
reference_id 5fe85af4-a667-41a9-a00d-f99e07c5e2f1
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-28T17:05:24Z/
url https://huntr.dev/bounties/5fe85af4-a667-41a9-a00d-f99e07c5e2f1
4
reference_url https://github.com/froxlor/froxlor/commit/6777fbf229200f4fd566022e186548391219ab23
reference_id 6777fbf229200f4fd566022e186548391219ab23
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-28T17:05:24Z/
url https://github.com/froxlor/froxlor/commit/6777fbf229200f4fd566022e186548391219ab23
5
reference_url https://github.com/advisories/GHSA-j83x-r9qq-9g4v
reference_id GHSA-j83x-r9qq-9g4v
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j83x-r9qq-9g4v
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.13
purl pkg:composer/froxlor/froxlor@2.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-44fu-9q5x-uuf8
3
vulnerability VCID-7e6h-qe19-jken
4
vulnerability VCID-9t9n-1hhp-3yga
5
vulnerability VCID-atns-wuzm-kqh2
6
vulnerability VCID-dptm-3z1r-bubj
7
vulnerability VCID-ebbm-gvf6-xfbd
8
vulnerability VCID-f15s-unrj-57ax
9
vulnerability VCID-gfgb-su1s-ubaj
10
vulnerability VCID-hhmm-9bdt-fyb5
11
vulnerability VCID-jvvz-9twe-8fb1
12
vulnerability VCID-nbu9-sey3-w7es
13
vulnerability VCID-rw5a-bgxw-bfbd
14
vulnerability VCID-tk6b-p759-jyfv
15
vulnerability VCID-tvgb-xmfz-tuf6
16
vulnerability VCID-u4pt-mr2z-j3f2
17
vulnerability VCID-vbvy-j84s-zygu
18
vulnerability VCID-w7xv-k4rd-v7bq
19
vulnerability VCID-x93s-u6kq-fbbe
20
vulnerability VCID-y4zg-wf1d-4bcm
21
vulnerability VCID-yqdf-v5wf-j3bj
22
vulnerability VCID-zrvp-d87z-p7dy
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.13
aliases CVE-2023-1307, GHSA-j83x-r9qq-9g4v
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpgs-hpf3-3qff
41
url VCID-y4zg-wf1d-4bcm
vulnerability_id VCID-y4zg-wf1d-4bcm
summary Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4829
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21984
published_at 2026-06-12T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21972
published_at 2026-06-14T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21996
published_at 2026-06-13T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21795
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4829
1
reference_url https://github.com/Froxlor/Froxlor
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Froxlor/Froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-4829
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-4829
3
reference_url https://github.com/froxlor/froxlor/commit/4711a414360782fe4fc94f7c25027077cbcdf73d
reference_id 4711a414360782fe4fc94f7c25027077cbcdf73d
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T17:04:26Z/
url https://github.com/froxlor/froxlor/commit/4711a414360782fe4fc94f7c25027077cbcdf73d
4
reference_url https://huntr.dev/bounties/babd73ca-6c80-4145-8c7d-33a883fe606b
reference_id babd73ca-6c80-4145-8c7d-33a883fe606b
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T17:04:26Z/
url https://huntr.dev/bounties/babd73ca-6c80-4145-8c7d-33a883fe606b
5
reference_url https://github.com/advisories/GHSA-cvwv-h85m-w37h
reference_id GHSA-cvwv-h85m-w37h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvwv-h85m-w37h
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.22
purl pkg:composer/froxlor/froxlor@2.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-dptm-3z1r-bubj
5
vulnerability VCID-ebbm-gvf6-xfbd
6
vulnerability VCID-jvvz-9twe-8fb1
7
vulnerability VCID-nbu9-sey3-w7es
8
vulnerability VCID-rw5a-bgxw-bfbd
9
vulnerability VCID-tk6b-p759-jyfv
10
vulnerability VCID-tvgb-xmfz-tuf6
11
vulnerability VCID-u4pt-mr2z-j3f2
12
vulnerability VCID-w7xv-k4rd-v7bq
13
vulnerability VCID-x93s-u6kq-fbbe
14
vulnerability VCID-yqdf-v5wf-j3bj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.22
aliases CVE-2023-4829, GHSA-cvwv-h85m-w37h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4zg-wf1d-4bcm
42
url VCID-yqdf-v5wf-j3bj
vulnerability_id VCID-yqdf-v5wf-j3bj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6069
reference_id
reference_type
scores
0
value 0.00336
scoring_system epss
scoring_elements 0.56855
published_at 2026-06-11T12:55:00Z
1
value 0.00336
scoring_system epss
scoring_elements 0.56975
published_at 2026-06-12T12:55:00Z
2
value 0.00336
scoring_system epss
scoring_elements 0.5699
published_at 2026-06-13T12:55:00Z
3
value 0.00336
scoring_system epss
scoring_elements 0.56981
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6069
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://github.com/froxlor/froxlor/commit/9e8f32f1e86016733b603b50c31b97f472e8dabc
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor/commit/9e8f32f1e86016733b603b50c31b97f472e8dabc
3
reference_url https://huntr.com/bounties/aac0627e-e59d-476e-9385-edb7ff53758c
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://huntr.com/bounties/aac0627e-e59d-476e-9385-edb7ff53758c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-6069
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-6069
5
reference_url https://github.com/advisories/GHSA-4jch-8qq5-hqg6
reference_id GHSA-4jch-8qq5-hqg6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4jch-8qq5-hqg6
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.1.0-beta1
purl pkg:composer/froxlor/froxlor@2.1.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-dptm-3z1r-bubj
5
vulnerability VCID-ebbm-gvf6-xfbd
6
vulnerability VCID-jvvz-9twe-8fb1
7
vulnerability VCID-nbu9-sey3-w7es
8
vulnerability VCID-rw5a-bgxw-bfbd
9
vulnerability VCID-tvgb-xmfz-tuf6
10
vulnerability VCID-u4pt-mr2z-j3f2
11
vulnerability VCID-w7xv-k4rd-v7bq
12
vulnerability VCID-x93s-u6kq-fbbe
13
vulnerability VCID-yqdf-v5wf-j3bj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.1.0-beta1
1
url pkg:composer/froxlor/froxlor@2.1.0
purl pkg:composer/froxlor/froxlor@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-7e6h-qe19-jken
2
vulnerability VCID-9t9n-1hhp-3yga
3
vulnerability VCID-atns-wuzm-kqh2
4
vulnerability VCID-dptm-3z1r-bubj
5
vulnerability VCID-ebbm-gvf6-xfbd
6
vulnerability VCID-jvvz-9twe-8fb1
7
vulnerability VCID-nbu9-sey3-w7es
8
vulnerability VCID-rw5a-bgxw-bfbd
9
vulnerability VCID-tvgb-xmfz-tuf6
10
vulnerability VCID-u4pt-mr2z-j3f2
11
vulnerability VCID-w7xv-k4rd-v7bq
12
vulnerability VCID-x93s-u6kq-fbbe
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.1.0
aliases CVE-2023-6069, GHSA-4jch-8qq5-hqg6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqdf-v5wf-j3bj
43
url VCID-zrvp-d87z-p7dy
vulnerability_id VCID-zrvp-d87z-p7dy
summary Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3668
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.28011
published_at 2026-06-11T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.28225
published_at 2026-06-14T12:55:00Z
2
value 0.00105
scoring_system epss
scoring_elements 0.28211
published_at 2026-06-12T12:55:00Z
3
value 0.00105
scoring_system epss
scoring_elements 0.28234
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3668
1
reference_url https://github.com/froxlor/froxlor
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/froxlor/froxlor
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3668
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3668
3
reference_url https://github.com/froxlor/froxlor/commit/03b5a921ff308eeab21bf9d240f27783c8591965
reference_id 03b5a921ff308eeab21bf9d240f27783c8591965
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-28T20:31:42Z/
url https://github.com/froxlor/froxlor/commit/03b5a921ff308eeab21bf9d240f27783c8591965
4
reference_url https://huntr.dev/bounties/df8cccf4-a340-440e-a7e0-1b42e757d66e
reference_id df8cccf4-a340-440e-a7e0-1b42e757d66e
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-28T20:31:42Z/
url https://huntr.dev/bounties/df8cccf4-a340-440e-a7e0-1b42e757d66e
5
reference_url https://github.com/advisories/GHSA-c6v5-pf66-xfq8
reference_id GHSA-c6v5-pf66-xfq8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c6v5-pf66-xfq8
fixed_packages
0
url pkg:composer/froxlor/froxlor@2.0.21
purl pkg:composer/froxlor/froxlor@2.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1rwn-9phn-kkb4
1
vulnerability VCID-38ph-pcue-zydu
2
vulnerability VCID-7e6h-qe19-jken
3
vulnerability VCID-9t9n-1hhp-3yga
4
vulnerability VCID-atns-wuzm-kqh2
5
vulnerability VCID-dptm-3z1r-bubj
6
vulnerability VCID-ebbm-gvf6-xfbd
7
vulnerability VCID-jvvz-9twe-8fb1
8
vulnerability VCID-nbu9-sey3-w7es
9
vulnerability VCID-rw5a-bgxw-bfbd
10
vulnerability VCID-tk6b-p759-jyfv
11
vulnerability VCID-tvgb-xmfz-tuf6
12
vulnerability VCID-u4pt-mr2z-j3f2
13
vulnerability VCID-w7xv-k4rd-v7bq
14
vulnerability VCID-x93s-u6kq-fbbe
15
vulnerability VCID-y4zg-wf1d-4bcm
16
vulnerability VCID-yqdf-v5wf-j3bj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@2.0.21
aliases CVE-2023-3668, GHSA-c6v5-pf66-xfq8
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrvp-d87z-p7dy
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/froxlor/froxlor@0.10.0-rc2