ltranquility

1 exploit Active since Jan 2024
CVE-2024-21644 NOMISEC HIGH SCANNER
pyload < 0.5.0b3.dev77 - Unauthenticated Information Exposure via Flask Config Endpoint
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
1 stars
CVSS 7.5