ByteOS Network

Vulnerability Details :

CVE-2023-0565

Summary

Assigner-@huntrdev

Assigner Org ID-c09c270a-b464-47c1-9133-acb35b22c19a

Published At-29 Jan, 2023 | 00:00

Updated At-28 Mar, 2025 | 15:45

Business Logic Errors in froxlor/froxlor

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:@huntrdev

Assigner Org ID:c09c270a-b464-47c1-9133-acb35b22c19a

Published At:29 Jan, 2023 | 00:00

Updated At:28 Mar, 2025 | 15:45

▼CVE Numbering Authority (CNA)

Business Logic Errors in froxlor/froxlor

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.

Affected Products

Vendor

froxlor

Product

froxlor/froxlor

Default Status

unaffected

Versions

Affected

From unspecified before 2.0.10 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-840	CWE-840 Business Logic Errors

Type: CWE

CWE ID: CWE-840

Description: CWE-840 Business Logic Errors

Metrics

Version	Base score	Base severity	Vector
3.1	5.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

Credits

finder

Ahmed Hassan (ahmedvienna)

finder

Josef Hassan (josefjku)

References

Hyperlink	Resource
https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102	N/A
https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15	N/A

Hyperlink: https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102

Resource: N/A

Hyperlink: https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102	x_transferred
https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15	x_transferred

Hyperlink: https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102

Resource:

x_transferred

Hyperlink: https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15

Resource:

x_transferred

2. CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:security@huntr.dev

Published At:29 Jan, 2023 | 22:15

Updated At:18 Dec, 2023 | 11:15

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	4.9	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Secondary	3.1	5.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

Type: Primary

Version: 3.1

Base score: 4.9

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Type: Secondary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

CPE Matches

froxlor>>froxlor>>Versions before 2.0.10(exclusive)

cpe:2.3:a:froxlor:froxlor:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-840	Primary	security@huntr.dev

CWE ID: CWE-840

Type: Primary

Source: security@huntr.dev

References

Hyperlink	Source	Resource
https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15	security@huntr.dev	Patch Third Party Advisory
https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102	security@huntr.dev	Exploit Issue Tracking Patch Third Party Advisory

Hyperlink: https://github.com/froxlor/froxlor/commit/2feb8020941a82bfb4ac68890f6ced0e5b3c4a15

Source: security@huntr.dev

Resource:

Patch

Third Party Advisory

Hyperlink: https://huntr.dev/bounties/12d78294-1723-4450-a239-023952666102

Source: security@huntr.dev

Resource:

Exploit

Issue Tracking

Patch

Third Party Advisory

Similar CVEs

2Records found

CVE-2023-4304

Matching Score-6

Assigner-Protect AI (formerly huntr.dev)

View Details

Matching Score-6

Assigner-Protect AI (formerly huntr.dev)

CVSS Score-3.8||LOW

EPSS-0.11% / 30.60%

7 Day CHG~0.00%

Published-11 Aug, 2023 | 00:00

Updated-04 Oct, 2024 | 13:06

Business Logic Errors in froxlor/froxlor

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0.

Vendor-froxlor froxlor

Product-froxlor froxlor/froxlor

CWE ID-CWE-840

Not Available

CVE-2022-0688

Matching Score-4

Assigner-Protect AI (formerly huntr.dev)

View Details

Matching Score-4

Assigner-Protect AI (formerly huntr.dev)

CVSS Score-9.4||CRITICAL

EPSS-0.33% / 55.45%

7 Day CHG~0.00%

Published-20 Feb, 2022 | 14:45

Updated-02 Aug, 2024 | 23:40

Business Logic Errors in microweber/microweber

Business Logic Errors in Packagist microweber/microweber prior to 1.2.11.

Vendor-Microweber (‘Microweber Academy’ Foundation)

Product-microweber microweber/microweber

CWE ID-CWE-840

Not Available

CVE-2023-0565

Credits

Business Logic Errors in froxlor/froxlor

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs