Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

froxlor — Vulnerabilities & Security Advisories 39

Browse all 39 CVE security advisories affecting froxlor. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by froxlor:froxlor/froxlorFroxlorFroxlor Froxlor Server Management Panel
CVE IDTitleCVSSSeverityPublished
CVE-2026-41233 Froxlor has a Reseller Domain Quota Bypass via Unvalidated adminid Parameter in Domains.add() — froxlorCWE-863 5.4 Medium2026-04-23
CVE-2026-41232 Froxlor has an Email Sender Alias Domain Ownership Bypass via Wrong Array Index that Allows Cross-Customer Email Spoofing — froxlorCWE-863 5.0 Medium2026-04-23
CVE-2026-41231 Froxlor has Incomplete Symlink Validation in DataDump.add() that Allows Arbitrary Directory Ownership Takeover via Cron — froxlorCWE-59 7.5 High2026-04-23
CVE-2026-41230 Froxlor has a BIND Zone File Injection via Unsanitized DNS Record Content in DomainZones::add() — froxlorCWE-93 8.5 High2026-04-23
CVE-2026-41229 Froxlor has a PHP Code Injection via Unescaped Single Quotes in userdata.inc.php Generation (MysqlServer API) — froxlorCWE-94 9.1 Critical2026-04-23
CVE-2026-41228 Froxlor has Local File Inclusion via path traversal in API `def_language` parameter that leads to Remote Code Execution — froxlorCWE-98 10.0 Critical2026-04-23
CVE-2026-30932 Froxlor is vulnerable to BIND zone file injection via unsanitized DNS record content in DomainZones API — froxlorCWE-74 7.5 -2026-03-24
CVE-2026-26279 Froxlor Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection — FroxlorCWE-78 9.1 Critical2026-03-03
CVE-2020-36978 Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting — Froxlor Froxlor Server Management PanelCWE-79 6.4 Medium2026-01-27
CVE-2025-48958 Froxlor has an HTML Injection Vulnerability — FroxlorCWE-79 5.5 Medium2025-06-02
CVE-2025-29773 Froxlor allows Multiple Accounts to Share the Same Email Address Leading to Potential Privilege Escalation or Account Takeover — FroxlorCWE-287 5.8 Medium2025-03-13
CVE-2024-34070 Froxlor Vulnerable to Blind XSS Leading to Froxlor Application Compromise — FroxlorCWE-79 9.7 Critical2024-05-10
CVE-2023-50256 Froxlor username/surname AND company field Bypass — FroxlorCWE-20 7.5 High2024-01-03
CVE-2023-6069 Improper Link Resolution Before File Access in froxlor/froxlor — froxlor/froxlorCWE-59 9.9 Critical2023-11-10
CVE-2023-4829 Cross-site Scripting (XSS) - Stored in froxlor/froxlor — froxlor/froxlorCWE-79 5.4 -2023-10-13
CVE-2023-5564 Cross-site Scripting (XSS) - Stored in froxlor/froxlor — froxlor/froxlorCWE-79 5.4 -2023-10-13
CVE-2023-4304 Business Logic Errors in froxlor/froxlor — froxlor/froxlorCWE-840 3.8 Low2023-08-11
CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor — froxlor/froxlorCWE-116 8.3 -2023-07-14
CVE-2023-3192 Session Fixation in froxlor/froxlor — froxlor/froxlorCWE-384 7.6 -2023-06-11
CVE-2023-3173 Improper Restriction of Excessive Authentication Attempts in froxlor/froxlor — froxlor/froxlorCWE-307 9.4 -2023-06-09
CVE-2023-3172 Path Traversal in froxlor/froxlor — froxlor/froxlorCWE-22 2.7 -2023-06-09
CVE-2023-2666 Allocation of Resources Without Limits or Throttling in froxlor/froxlor — froxlor/froxlorCWE-770 8.1 -2023-05-12
CVE-2023-2034 Unrestricted Upload of File with Dangerous Type in froxlor/froxlor — froxlor/froxlorCWE-434 9.9 -2023-04-14
CVE-2023-1307 Authentication Bypass by Primary Weakness in froxlor/froxlor — froxlor/froxlorCWE-305 9.8 -2023-03-10
CVE-2023-1033 Cross-Site Request Forgery (CSRF) in froxlor/froxlor — froxlor/froxlorCWE-352 7.1 -2023-02-25
CVE-2023-0877 Code Injection in froxlor/froxlor — froxlor/froxlorCWE-94 4.6 -2023-02-17
CVE-2023-0671 Code Injection in froxlor/froxlor — froxlor/froxlorCWE-94 4.6 -2023-02-04
CVE-2023-0566 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor — froxlor/froxlorCWE-79 6.2 Medium2023-01-29
CVE-2023-0564 Weak Password Requirements in froxlor/froxlor — froxlor/froxlorCWE-521 5.4 Medium2023-01-29
CVE-2023-0565 Business Logic Errors in froxlor/froxlor — froxlor/froxlorCWE-840 5.5 Medium2023-01-29

This page lists every published CVE security advisory associated with froxlor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.