📦 Wallos

by Wallosapp

🔍 What is Wallos?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-55371

CRITICAL CVSS 9.8 Apr 16, 2025

Wallos versions up to 2.38.2 contain a file upload vulnerability in the restore backup function that allows authenticated users to upload malicious ZIP files. When extracted on the server, these files...

CVE-2026-27479

HIGH CVSS 7.7 Feb 21, 2026

Wallos versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the logo/icon upload functionality. Attackers can bypass IP validation by exploiting HTTP redirects to acc...

CVE-2024-57386

MEDIUM CVSS 6.1 Jan 23, 2025

A cross-site scripting (XSS) vulnerability in Wallos v2.41.0 allows remote attackers to inject malicious scripts via the profile picture upload function. This affects all users of Wallos v2.41.0 who h...