Package impact
Packagist / froxlor/froxlor
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5100 | critical | 9.8 | 9.8 | 9y ago | Froxlor guessable password reset token | |||
| CVE-2026-41236 | high | 8.8 | 8.8 | 6d ago | Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning cod… | |||
| CVE-2026-41234 | high | 7.6 | 7.6 | 1d ago | Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline characters in TXT record content. An authenticated customer… |