Binux

2 exploits Active since Nov 2024
CVE-2024-39162 WRITEUP MEDIUM STUB
pyspider <= 0.3.10 - Cross-Site Scripting via /update Endpoint
pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVSS 6.1
CVE-2024-39163 WRITEUP HIGH WRITEUP
pyspider <= 0.3.10 - Cross-Site Request Forgery via Flask Endpoints
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints.
CVSS 8.8