Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Froxlor

Source -

CNA

BOS Name -

N/A

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2020-36978
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-5.1||MEDIUM
EPSS-0.04% / 11.28%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 18:51
Updated-29 Jan, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting

Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules.

Action-Not Available
Vendor-Froxlor
Product-Froxlor Froxlor Server Management Panel
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-50256
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.04% / 13.59%
||
7 Day CHG~0.00%
Published-03 Jan, 2024 | 22:34
Updated-17 Jun, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Froxlor username/surname AND company field Bypass

Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory field requirements (e.g. surname, company name) established by the system. Version 2.1.2 fixes this issue.

Action-Not Available
Vendor-froxlorFroxlor
Product-froxlorFroxlor
CWE ID-CWE-20
Improper Input Validation