Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

qriouslad — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting qriouslad. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Qriouslad develops web application security testing tools, primarily serving developers and security professionals for vulnerability identification. Historically, the tool has been associated with multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities in its own implementation. Its security record includes 12 CVEs, with several critical flaws allowing unauthorized system access and data exposure. The tool's architecture has shown recurring issues in input validation and session management, leading to potential compromise of test environments. While qriouslad remains widely used for security assessments, its own vulnerability history demonstrates the challenges in maintaining secure tooling for security testing.

Top products by qriouslad: System Dashboard Debug Log Manager – Conveniently Monitor and Inspect Errors Code Explorer Admin and Site Enhancements (ASE)
CVE IDTitleCVSSSeverityPublished
CVE-2025-15487 Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter — Code ExplorerCWE-22 4.9 Medium2026-02-04
CVE-2025-10377 System Dashboard <= 2.8.20 - Cross-Site Request Forgery — System DashboardCWE-352 4.3 Medium2025-09-26
CVE-2025-3809 Debug Log Manager <= 2.3.4 - Unauthenticated Stored Cross-Site Scripting — Debug Log Manager – Conveniently Monitor and Inspect ErrorsCWE-79 7.2 High2025-04-19
CVE-2024-12299 System Dashboard <= 2.8.17 - Reflected Cross-Site Scripting via Filename Parameter — System DashboardCWE-79 6.1 Medium2025-01-30
CVE-2024-10790 Admin and Site Enhancements (ASE) <= 7.5.1 - Authenticated Stored Cross-Site Scripting via SVG — Admin and Site Enhancements (ASE)CWE-79 5.4 Medium2024-11-12
CVE-2023-5816 Code Explorer <= 1.4.5 - Authenticated (Admin+) External File Reading — Code ExplorerCWE-73 4.9 Medium2024-10-30
CVE-2023-5710 System Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_constants) — System DashboardCWE-862 4.3 Medium2023-12-07
CVE-2023-5712 System Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_global_value) — System DashboardCWE-862 4.3 Medium2023-12-07
CVE-2023-5713 System Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_option_value) — System DashboardCWE-862 4.3 Medium2023-12-07
CVE-2023-5714 System Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_db_specs) — System DashboardCWE-862 4.3 Medium2023-12-07
CVE-2023-5711 System Dashboard <= 2.8.8 - Missing Authorization to Information Disclosure (sd_php_info) — System DashboardCWE-862 4.3 Medium2023-12-07
CVE-2023-5772 Debug Log Manager <= 2.2.0 - Cross-Site Request Forgery — Debug Log Manager – Conveniently Monitor and Inspect ErrorsCWE-352 4.3 Medium2023-11-30

This page lists every published CVE security advisory associated with qriouslad. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.