Browse all 12 CVE security advisories affecting qriouslad. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Qriouslad develops web application security testing tools, primarily serving developers and security professionals for vulnerability identification. Historically, the tool has been associated with multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities in its own implementation. Its security record includes 12 CVEs, with several critical flaws allowing unauthorized system access and data exposure. The tool's architecture has shown recurring issues in input validation and session management, leading to potential compromise of test environments. While qriouslad remains widely used for security assessments, its own vulnerability history demonstrates the challenges in maintaining secure tooling for security testing.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15487 | Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter — Code ExplorerCWE-22 | 4.9 | Medium | 2026-02-04 |
| CVE-2023-5816 | Code Explorer <= 1.4.5 - Authenticated (Admin+) External File Reading — Code ExplorerCWE-73 | 4.9 | Medium | 2024-10-30 |
This page lists every published CVE security advisory associated with qriouslad. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.