Vulnerabilities > Alist Project > Alist > 3.4.0

DATE CVE VULNERABILITY TITLE RISK
2024-09-30 CVE-2024-47067 Cross-site Scripting vulnerability in Alist Project Alist
AList is a file list program that supports multiple storages.
network
low complexity
alist-project CWE-79
6.1
6.1
2023-06-07 CVE-2023-33498 Unrestricted Upload of File with Dangerous Type vulnerability in Alist Project Alist
alist <=3.16.3 is vulnerable to Incorrect Access Control.
network
low complexity
alist-project CWE-434
8.8
8.8
2022-12-15 CVE-2022-45969 Path Traversal vulnerability in Alist Project Alist 3.4.0
Alist v3.4.0 is vulnerable to Directory Traversal,
network
low complexity
alist-project CWE-22
critical
 9.8
9.8
2022-12-12 CVE-2022-45968 Unrestricted Upload of File with Dangerous Type vulnerability in Alist Project Alist 3.4.0
Alist v3.4.0 is vulnerable to File Upload.
network
low complexity
alist-project CWE-434
8.8
8.8