2 known vulnerabilities · sorted by CVSS score
The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.
python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.